USN-404-1: MadWifi vulnerability
Ubuntu Security Notice USN-404-1
9th January, 2007
linux-restricted-modules-2.6.17 vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 6.10
Details
Laurent Butti, Jerome Razniewski, and Julien Tinnes discovered that the
MadWifi wireless driver did not correctly check packet contents when
receiving scan replies. A remote attacker could send a specially
crafted packet and execute arbitrary code with root privileges.
Update instructions
The problem can be corrected by updating your system to the following package version:
- Ubuntu 6.10:
- linux-restricted-modules-2.6.17-10-powerpc64-smp 2.6.17.7-10.1
- linux-restricted-modules-2.6.17-10-386 2.6.17.7-10.1
- linux-restricted-modules-2.6.17-10-sparc64-smp 2.6.17.7-10.1
- linux-restricted-modules-2.6.17-10-sparc64 2.6.17.7-10.1
- linux-restricted-modules-2.6.17-10-powerpc 2.6.17.7-10.1
- linux-restricted-modules-2.6.17-10-generic 2.6.17.7-10.1
- linux-restricted-modules-2.6.17-10-powerpc-smp 2.6.17.7-10.1
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
After a standard system upgrade you need to reboot your computer to
effect the necessary changes.