A six-year-old bug in the Linux kernel could enable hackers to crash and, under certain circumstances, potentially compromise devices running Realtek Semiconductor Corp.’s Wi-Fi chips.

The issue was discovered by GitHub principal security engineer Nico Waisman, who shared his research with Ars Technica late Thursday. The bug is lurking in the Linux kernel’s RTLWIFI software driver for managing Realtek chips. Taiwan-based Realtek is a major supplier of integrated circuits for consumer devices whose wireless networking parts can be found in many laptops and home routers, as well a limited number of Android handsets.

Waisman stumbled upon the vulnerability while inspecting a section of the RTLWIFI code that handles device-to-device communications. The issue has to do with Wi-Fi Direct, a feature that allows machines to establish a connection without the need for a router. A hacker could exploit the mechanism to send malicious wireless signals to Realtek-powered devices that are in range and have their chip turned on.

Attacks don’t require any input from the user, such as a click on a malicious link, to work. Once the target device receives the malicious wireless signals, hackers can execute a buffer overflow, which overwrites parts of the system’s memory with code of their choosing. 

Waisman told Ars Technica that he’s currently working on a proof-of-concept attack to demonstrate how cybercriminals might go about exploiting the vulnerability. Until that proof-of-concept arrives, there’s no way of knowing exactly how big a threat the bug poses. But the Linux kernel’s developers aren’t waiting for the full report: A fix has already been proposed and it’s expected to roll out in the coming days or weeks.

The discovery of security flaws in the Linux kernel is always a serious matter because the software powers billions of devices ranging from servers to smart home appliances. Among others, it forms the foundation of Google LLC’s Android operating system. Last week, the search giant revealed that hackers were actively attacking Android devices using a previously unknown privilege escalation vulnerability carried over from the Linux kernel.

Photo: Unsplash