Is OpenWrt 19.07.4 vulnerable? https://www.bleepingcomputer.com/news/security/dns-cache-poisoning-attacks-return-due-to-linux-weakness/ And if so is there a workaround?

Yep, see here: [image] Mitigation of SAD DNS using Unbound Network and Wireless Configuration You only have to change the default firewall rule for WAN from REJECT to DROP (for both INPUT and FORWARD) or update to newer Linux kernel. Those four rules are fine. More a proto…

CVE-2020-25075 DNS cache poisoning attack

Installing and Using OpenWrt

ergamus December 9, 2020, 5:09pm 2

Yep, see here:

2 Likes