A flaw was found in the Linux kernel's Marvell wifi chip driver. A heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c allows remote attackers to cause a denial of service(system crash) or execute arbitrary code.
A flaw was found in Marvell wifi chip driver in Linux kernel. A heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c allows remote attackers to cause a denial of service(system crash) or possibly execute arbitrary code.
Upstream patch submission:
This flaw requires a system with marvell wifi network card to be attempting to connect to a attacker controlled wifi network. A temporary mitigation may be to only connect to known-good networks via wifi, or connect to a network via ethernet. Alternatively if wireless networking is not used the mwifiex kernel module can be blacklisted to prevent misuse of the vulnerable code.
This flaw is currently rated as Important as it is possible for an attacker to setup a wifi access point with identical configuration in another location and intercept have the system auto connect and possibly be exploited.
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 1715475]
Name: huangwen (ADLab of Venustech)