CVE-2007-2831

Name of the Vulnerable Software and Affected Versions MadWifi versions prior to 0.9.3.1

Description The issue is related to array index errors in the ieee80211 ioctl getwmmparams and ieee80211 ioctl setwmmparams functions. This can be exploited by local users to cause a denial of service, potentially obtain kernel memory contents, and possibly execute arbitrary code via a large negative array index value.

Recommendations For MadWifi versions prior to 0.9.3.1, update to version 0.9.3.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the ieee80211 ioctl getwmmparams and ieee80211 ioctl setwmmparams functions until a patch is available.