Software Engineering Institute

The Apple AirPort Extreme adapter is an 802.11g compatible wireless adapter used in Apple OS X laptops and desktops.

A flaw exists in the way AirPort Extreme wireless drivers handle certain malformed 802.11 frames which may result in an out-of-bounds memory access. This flaw results in a vulnerability that could allow an attacker to cause a kernel panic on a vulnerable system.

To exploit this vulnerability an attacker would need to send a specially crafted 802.11 frame to a vulnerable system. Since 802.11b and 802.11g management frames are not encrypted, using wireless encryption (WEP/WPA) may not mitigate this vulnerability.

Per Apple Security Advisory 2007-01-25, the Core Duo version of Mac mini, MacBook, and MacBook Pro computers are affected by this vulnerability.

A remote unauthenticated attacker within 802.11 radio range may be able to create a denial-of-service condition by crashing a vulnerable system.

Upgrade
Apple has issued an upgrade to address this issue. See or Apple Security Advisory 2007-01-25 or AirPort Extreme Update 2007-001 for more details.

Disable the Affected Wireless Adapter
Until updates can be applied, turning off the wireless adapter can mitigate this vulnerability. To turn off the wireless card, follow the instructions found in Apple's knowledgebase:

Turning AirPort off

Turn your AirPort Card off when you're in situations where radio communication may be prohibited, such as in an airplane or at a hospital.
1.\tOpen the Internet Connect application and click AirPort in the toolbar.
2.\tClick Turn AirPort Off.

If you have disabled the AirPort port in Network preferences, then your AirPort Card is already turned off. To disable the AirPort port, choose Network Port Configurations from the Show pop-up menu and deselect the AirPort checkbox.