USN-479-1: MadWifi vulnerabilities

29 June 2007

linux-restricted-modules-2.6.15/.17/.20 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 7.04
  • Ubuntu 6.10
  • Ubuntu 6.06 LTS

Software Description


Multiple flaws in the MadWifi driver were discovered that could lead to a system crash. A physically near-by attacker could generate specially crafted wireless network traffic and cause a denial of service. (CVE-2006-7177, CVE-2006-7178, CVE-2006-7179, CVE-2007-2829, CVE-2007-2830)

A flaw was discovered in the MadWifi driver that would allow unencrypted network traffic to be sent prior to finishing WPA authentication. A physically near-by attacker could capture this, leading to a loss of privacy, denial of service, or network spoofing. (CVE-2006-7180)

A flaw was discovered in the MadWifi driver’s ioctl handling. A local attacker could read kernel memory, or crash the system, leading to a denial of service. (CVE-2007-2831)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 7.04
linux-restricted-modules-2.6.20-16-386 -
linux-restricted-modules-2.6.20-16-generic -
linux-restricted-modules-2.6.20-16-lowlatency -
linux-restricted-modules-2.6.20-16-powerpc -
linux-restricted-modules-2.6.20-16-powerpc-smp -
linux-restricted-modules-2.6.20-16-powerpc64-smp -
linux-restricted-modules-2.6.20-16-sparc64 -
linux-restricted-modules-2.6.20-16-sparc64-smp -
Ubuntu 6.10
linux-restricted-modules-2.6.17-11-386 -
linux-restricted-modules-2.6.17-11-generic -
linux-restricted-modules-2.6.17-11-powerpc -
linux-restricted-modules-2.6.17-11-powerpc-smp -
linux-restricted-modules-2.6.17-11-powerpc64-smp -
linux-restricted-modules-2.6.17-11-sparc64 -
linux-restricted-modules-2.6.17-11-sparc64-smp -
Ubuntu 6.06 LTS
linux-restricted-modules-2.6.15-28-386 -
linux-restricted-modules-2.6.15-28-686 -
linux-restricted-modules-2.6.15-28-amd64-generic -
linux-restricted-modules-2.6.15-28-amd64-k8 -
linux-restricted-modules-2.6.15-28-amd64-xeon -
linux-restricted-modules-2.6.15-28-k7 -
linux-restricted-modules-2.6.15-28-powerpc -
linux-restricted-modules-2.6.15-28-powerpc-smp -
linux-restricted-modules-2.6.15-28-sparc64 -
linux-restricted-modules-2.6.15-28-sparc64-smp -

To update your system, please follow these instructions:

After a standard system upgrade you need to reboot your computer to effect the necessary changes.