Hacker News new | ask | show | jobs
by dontbenebby 1346 days ago
>It's worse than that - android kernels process beacon frames even if wifi is disabled.

>So you should be worried about this if you have an android 11/12 phone, even if you don't use wifi.

Is this issue (RCE even with wifi off across a huge swathe of devices ) common to many vulnerabilities, and we're just discussing this one because it hit the front page, or is this vulnerability especially... egregious?
1 comments
londons_explore 1346 days ago
> this vulnerability especially... egregious

This. The typical vulnerability requires an obscure hardware or software config, the user to do something unusual or foolish, or an attacker on the local network. This requires none of that.

link
dontbenebby 1346 days ago
>The typical vulnerability requires an obscure hardware or software config, the user to do something unusual or foolish, or an attacker on the local network. This requires none of that.

Thanks for the explanation. I usually abhor how the word "wormable" is thrown around but it sounds like it might apply here, especially since many devices running this software may be difficult to patch? Yikes.

I actually just put in my two weeks notice to spend the rest of spooky season focused on my art rather than infosec, but I hope folks don't have this... abused.

link