An Important Security Patch to the MadWiFi driver
!!!ATTENTION THIS POST IS REALLY TECHNICAL!!! I'm posting all of this info becuase I'm sure there are many of you use this non-free driver in you Linux
(and other free desktop systems) this is a huge flaw that isn't usually the kind of problem that you find in Linux...
At about 6:30 UTC, the flaw in the MadWifi driver has been patched for Ubuntu Feisty. Here is why this is important:
This patch fixes susceptibility to remote abuse of Channel Switch
Announcement Information Elements by injection of Beacon Frame
packets and improves the reliability of channel switch procedure under
conditions of frequent beacon misses.
Currently, channel switch is performed only after receiving Channel Switch
Announcement with Channel Switch Count
Files:
*
trunk/net80211/ieee80211.h (modified) (1 diff)
HERE IS WHAT IS FOUND IN THE UBUNTU UPDATE MANAGER
linux-restriced-modules-2.6.2-16-generic
Non-free Linux 2.26.20 modules on x86/x86_64
From Version 2.6.20.5-16 to 2.6.20.5-16.29 (Size: 15.0 MB)
CHANGES:
Version 2.6.20.5-16.29:
* madwifi update to 0.9.3.1:
CVE-2006-7180 - http://madwifi.org/changeset/1760
CVE-2006-7177 - http://madwifi.org/changeset/1818
CVE-2006-7178 - http://madwifi.org/changeset/1818
CVE-2006-7179 - http://madwifi.org/changeset/1762
DESCRIPTION:
This package provides restricted modules for Linux version 2.6.20 on x86/x86_64.
Currently the following modules are included:
* madwifi (Atheros)
* fglrx (ATI)
* nvidia
* fcdsl2, fcdslsl, fcdslslusb, fcdslusb, fcdslusb2, fcpci (AVM ISDN)
These modules are "restricted" because they are not available under a completely Free licence.
and...
linux-restriced-modules-common
Non-free Linux 2.26.20 modules helper script
From Version 2.6.20.5-16.28 to 2.6.20.5-16.29 (Size: 21 KB)
CHANGES:
Version 2.6.20.5-16.29:
* madwifi update to 0.9.3.1:
CVE-2006-7180 - http://madwifi.org/changeset/1760
CVE-2006-7177 - http://madwifi.org/changeset/1818
CVE-2006-7178 - http://madwifi.org/changeset/1818
CVE-2006-7179 - http://madwifi.org/changeset/1762
DESCRIPTION:
This package provides only a set of helper scripts to handle linux-restricted-modules.
Recent comments
27 weeks 3 days ago
50 weeks 1 day ago
1 year 3 weeks ago
1 year 3 weeks ago
1 year 3 weeks ago
1 year 3 weeks ago
1 year 5 weeks ago
1 year 7 weeks ago
1 year 8 weeks ago
1 year 9 weeks ago