News

Wireless device flaw discovered

A Broadcom wireless device driver, common in millions of laptops, is vulnerable to an attack, according to an advisory from the Month of Kernel Bugs.

SearchSecurity.com Staff

Published: 13 Nov 2006 0:00

A Broadcom wireless device driver is vulnerable to a stack-based buffer overflow that could lead to attacks on computers from a distance, according to an advisory issued Saturday by the Month of Kernel Bugs.

The device driver, a Broadcom BCMWL5.SYS is bundled with a number of new PCs including HP, Dell, Gateway and eMachines. The Broadcom wireless device driver is vulnerable to a stack-based buffer overflow that can lead to arbitrary kernel-mode code execution, according to the advisory.

"This particular vulnerability is caused by improper handling of 802.11 probe responses containing a long SSID field," the MKB said in its advisory.

Broadcom released a fixed driver to their partners, which provides updates for the affected products. Linksys, Zonet, and other wireless card manufactures also provide devices that ship with this driver, MKB said.

The volunteer group, Zero-day Threat Response Team (ZERT), labeled the vulnerability as "critical." computers located a short distance away from laptops are at risk as well as computers located in public spaces with an enabled wireless card in use, ZERT said.

Wireless device flaw discovered

A Broadcom wireless device driver, common in millions of laptops, is vulnerable to an attack, according to an advisory from the Month of Kernel Bugs.

Read more on PC hardware

WAN transformation sparked by 5G, cloud and SD-WAN technologies

Broadcom acquires enterprise business with CA Technologies deal

How has a Broadcom flaw affected the Lenovo ThinkPad?

Critical Broadcom flaws discovered in Lenovo ThinkPads