New CVEs in WiFi

(please move to release and security announcements)

OpenWRT will need to cut new point releases.

Yesterday, 5 new CVEs landed for WiFi in the Linux kernel.

This affects everybody who uses WiFi.

Update: apparently, fixes have already landed in 21.x and 22.x master. Just waiting for new builds.

See: (click parent)

1 Like

At what point is a wifi AP vulnerable to this? Can this be abused if for example the AP is determining what channel to use when wifi channel is set to "auto"?




And 21.02 got the necessary fixes as well:

1 Like

so 19.07 is not vulnerable, right (kernel 4.14 with 4.19 wifi) ?

19.07 is not supported, so dont expect any fixes for it


I know it's not but there are people still using it so the message is important to them

1 Like

It looks like kernel 5.1 and up are affected so 19.07 lucked out.

1 Like