Kr00k vulnerability (CVE-2019-15126)

Hi Devteam,

Does any action need to be taken in light of this Broadcom exploit CVE-2019-15126 that was discovered back in December? Ars makes it sound like doomsday, but the CVEDetails OpenWrt page doesn't mention it as a known issue in openwrt, and I'm not familiar enough with any of it to know whether that's a good thing (it's already invulnerable) or bad (nobody's looked yet and/or it's a firmware bug that needs mfr. patching). I'm just trying to keep my head above water :slight_smile:



This, by definition, affects only devices with Broadcom fullmac based WLAN cards, which aren't that common for running OpenWrt (e.g. the various Raspberry Pis, D-Link DIR-885L, Linksys EA9200/ EA9500, Netgear r7900/ r8000/ r8500, SmartRG SR400ac, PHICOMM K3, some Allwinner/ sunxi devboards using the sdio based AMPAK AP6212 wireless module). The CVE and corresponding reports furthermore isn't quite clear about the actual background, as it's reported against android platforms (which use a different driver, bcmdhd) and not linux' brcmfmac driver. While the CVE suggests the root cause being located within the firmware (which is also used by brcmfmac), details are lacking.

However, the situation gets very simple if your devices are not using Broadcom wireless chipsets (and the vast majority of OpenWrt targets aren't), as those aren't affected.


Thanks for the prompt feedback! I was also confused about the mention of Android (not that I knew it used a different driver) simply because articles/researchers/breathless newspeople mentioned concern with millions of unpatched routers and access points, which I have to assume are almost all running Linux, not Android.

As for me, I am running an R8000, so I'll want to monitor this for a bit longer to see how it shakes out. Presumably if there is actually a firmware patch, someone will spin a new brcmfmac which will eventually make it into a new OpenWRT release.

1 Like

hi all,

i just read about the new kr00k vulnerability

is openwrt with broadcom based routers like tp-link 1043 affected?

if so, is there a patch coming soon?


I'm also running an R8000 and would be interested in this.

@slh from what I've seen, this is quite a popular device among OpenWRT users.