Broadcom kernel exploit affects many laptops

A wireless security flaw that poses a threat to manufacturers such as Dell and HP has been divulged
Written by Tom Espiner, Contributor

IT managers have been warned about a flaw that affects notebook PCs running Windows 2000 and XP that use Broadcom chipsets.

The Wi-Fi security hole affects many manufacturers' equipment, including HP, Dell, Gateway, Fujitsu and eMachines. The Broadcom Wireless Driver Probe Response SSID Buffer Overflow exploit is at kernel level, allowing an attacker to compromise and fully control a machine, according to malware alert company Secunia.

The vulnerability is caused due to a boundary error in the BCMWL5.SYS device driver when handling probe response requests with a long SSID. This can be exploited to cause a stack-based buffer overflow via a specially crafted packet, according to Secunia. The flaw was discovered by a researcher known as Johnny Cache.

Broadcom created an updated reference driver but opted not to issue a security advisory, according to TechRepublic blogger George Ou. The company was unavailable for comment at the time of writing.

Wireless and Ethernet networking company, Linksys, has released an updated driver that addresses this flaw. Dell and HP have not responded to a request for comment as to whether they have issued updated drivers yet. According to Ou, it's possible to run the Linksys drivers on other laptops to gain protection from the flaw.

For advice on how to install the Linksys drivers visit George Ou's blog.

Editorial standards