Wi-Fi Flaw Could Crash Millions of Phones, Routers, Smart-Home Devices
Coding error puts lots of Linux-based devices at risk
Heads up: There's a potentially serious software flaw that could be used to crash or compromise millions of routers, smart-home devices, smart TVs, PCs running Linux and even Android smartphones.
The issue lies with the Linux driver software for Realtek Wi-Fi chips. A coding error makes it possible for someone within Wi-Fi range to disable or possibly even hijack the device. The attacker won't need to know your Wi-Fi network password or the network name.
Because most routers and smart-home devices run Linux, and the Android operating system is a variant of Linux, the potential impact of this flaw is huge. We just don't yet know how huge, because the flaw was discovered only this week, it's still being studied and no exploit has yet been written for it.
- A router VPN should be your first line of defence
How to protect yourself
There's not much you can do for now, except to turn off Wi-Fi on your Android phone when you leave the house or office so that random devices along the way can't interact with you.
Regarding your smart-home devices, routers, and PCs running Linux, that's trickier. Most of these devices need to have their Wi-Fi radios on all the time. But that means they could be attacked by anyone within range, including from the apartment or house next door, or from the street if you live on lower floors.
MORE: Best Android Antivirus Apps
A fix to the driver is being worked on, but it will be at least a few days before affected PCs can be updated. It may be weeks before affected smartphones get fixes, and many smart-home and embedded devices may never be updated.
Sign up to get the BEST of Tom's Guide direct to your inbox.
Get instant access to breaking news, the hottest reviews, great deals and helpful tips.
Too much to handle
The problem isn't with the Realtek chips themselves, but rather with the RTLWIFI Linux driver written for those chips. A coding oversight lets an attacker create a buffer overflow -- i.e., cause malfunctions by inputting too much information -- in the Linux kernel simply by broadcasting malicious commands.
This "is an overflow that should be exploitable," Github security engineer Nico Waisman, who found the flaw Monday (Oct. 14), told Ars Technica's Dan Goodin yesterday (Oct. 17). "Worst-case scenario, [this] is a denial of service; best scenario, you get a shell."
To translate Waisman's words, you could use this flaw to crash a device, or possibly get remote system access.
The malicious commands would mess with the Realtek chip's Wi-Fi Direct functions. Wi-Fi Direct is an integral part of the Wi-Fi protocol that lets two Wi-Fi-enabled devices connect directly without a router or a wireless network. On most devices, including many Android phones, you can't disable Wi-Fi Direct without turning off Wi-Fi altogether.
What's the real deal with Realtek?
The real question is how many devices use Realtek Wi-Fi chips. That's not easy to figure out, but there seem to be millions.
The WikiDevi website lists hundreds of models of devices that use the chips, including PC network cards, wireless routers, USB Wi-Fi dongles and other networking devices made by dozens of brands, including Belkin, D-Link, Huawei, TRENDNet, Netgear and Zyxel.
Google searches reveal Realtek Wi-Fi card drivers for Acer, Asus, Dell, HP, Lenovo and Toshiba, so the networks cards seem to be pretty widely used. (We couldn't find any Realtek drivers for Apple.) There won't be any problem if the PCs run Windows only, but if you use Linux, make sure you install the latest updates.
But the big question is the exposure of Android phones. We couldn't figure out if any of the most prominent Android smartphone systems-on-a-chip (SoCs), such as the Qualcomm Snapdragon, Samsung Exynos or MediaTek chips, use Realtek Wi-Fi technology.
Realtek itself makes its own SoCs, but while these seem to be used in several smart TVs and TV set-top boxes, we can't tell if those SoCs are in any smartphones.
Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has also been a dishwasher, fry cook, long-haul driver, code monkey and video editor. He's been rooting around in the information-security space for more than 15 years at FoxNews.com, SecurityNewsDaily, TechNewsDaily and Tom's Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random TV news spots and even moderated a panel discussion at the CEDIA home-technology conference. You can follow his rants on Twitter at @snd_wagenseil.