Enlarge (credit: Wi-Fi Alliance)

The flaw is located in the RTLWIFI driver, which is used to support Realtek Wi-Fi cards in Linux devices. The vulnerability triggers a buffer overflow in the Linux kernel when a machine with a Realtek Wi-Fi card is within radio range of a malicious device. At a minimum, exploits would allow denial-of-service attacks and possibly could allow a hacker to gain complete control of the computer. The flaw dates back to version 3.12 of the Linux kernel released in 2013.

“The bug is serious,” Nico Waisman, who is a principal security engineer at Github, told Ars. “It’s a vulnerability that triggers an overflow remotely through Wi-Fi on the Linux kernel, as long as you’re using the Realtek (RTLWIFI) driver.”