Security issue (DNS poisoning)

Post new topic   Reply to topic    DD-WRT Forum Index -> General Questions
Goto page Previous  1, 2
Author Message
the-joker
DD-WRT Developer/Maintainer


Joined: 31 Jul 2021
Posts: 2146
Location: All over YOUR webs

PostPosted: Mon May 09, 2022 6:49    Post subject: Reply with quote
Ive locked the thread to prevent offtopic remarks and moved such pre-existing comment to moderators forums. In addition, the nature of some replies were conducive to a opposing forums rules standpoint. We (myself included) must all do better as a community to improve general user experience in these boards.

If any other moderator wants to reopen thread and delete/move this post, feel free to do so.

If any community members wish to have this topic reopened, please do not hesitate to ask any of the active moderators via PM, citing a good reason for request, e.g. adding important information that would benefit the community regarding the subject discussed or to edit their previous replies, etc...

Thank you for your understanding.

_________________
Saving your retinas from the burn!🔥
DD-WRT Inspired themes for routers
DD-WRT Inspired themes for the phpBB Forum
DD-WRT Inspired themes for the SVN Trac & FTP site
Join in for a chat @ #style_it_themes_public:matrix.org or #style_it_themes:discord

DD-WRT UI Themes Bug Reporting and Discussion thread

Router: ANus RT-AC68U E1 (recognized as C1)
Sponsor
the-joker
DD-WRT Developer/Maintainer


Joined: 31 Jul 2021
Posts: 2146
Location: All over YOUR webs

PostPosted: Thu May 19, 2022 8:23    Post subject: Reply with quote
-$ Unlocking thread cooling off period expired.
-$ Running cleanup()
-$ Yommoma jokes denied!
-$ Running nvram_erase()
-$ rebooting ....

_________________
Saving your retinas from the burn!🔥
DD-WRT Inspired themes for routers
DD-WRT Inspired themes for the phpBB Forum
DD-WRT Inspired themes for the SVN Trac & FTP site
Join in for a chat @ #style_it_themes_public:matrix.org or #style_it_themes:discord

DD-WRT UI Themes Bug Reporting and Discussion thread

Router: ANus RT-AC68U E1 (recognized as C1)
saphirely
DD-WRT User


Joined: 13 Dec 2020
Posts: 266

PostPosted: Thu May 19, 2022 15:01    Post subject: Reply with quote
I wonder whether I can avoid the uClibc trouble while I always use unbound on Linksys WRT1900ACS, or dnscrypt dns on Netgear R6250 (bad performance for unbound)
saphirely
DD-WRT User


Joined: 13 Dec 2020
Posts: 266

PostPosted: Thu May 19, 2022 15:09    Post subject: Reply with quote
Thank egc DD-WRT Guru.

Current R48897 on my linksys WRT1900ACS (v1), there is not uClib*.so.
I found that libc.so ^&^

Great job!
the-joker
DD-WRT Developer/Maintainer


Joined: 31 Jul 2021
Posts: 2146
Location: All over YOUR webs

PostPosted: Thu May 19, 2022 15:32    Post subject: Reply with quote
DD-WRT is not affected by this, it uses musl, it has used musl for a long time.

No need for panic.

_________________
Saving your retinas from the burn!🔥
DD-WRT Inspired themes for routers
DD-WRT Inspired themes for the phpBB Forum
DD-WRT Inspired themes for the SVN Trac & FTP site
Join in for a chat @ #style_it_themes_public:matrix.org or #style_it_themes:discord

DD-WRT UI Themes Bug Reporting and Discussion thread

Router: ANus RT-AC68U E1 (recognized as C1)
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 14125
Location: Texas, USA

PostPosted: Thu May 19, 2022 17:01    Post subject: Reply with quote
It does look like the uClibc folks are working on patching the vulnerability, but I see no commits at present to uClibc or uClibc-ng.

https://mailman.openadk.org/mailman3/hyperkitty/list/devel@uclibc-ng.org/thread/T5K75RFTNQV24FSQHMRP6UCMMJVIQSYX/

Mailing list: https://mailman.openadk.org/mailman3/hyperkitty/list/devel@uclibc-ng.org/

The above referenced patch has been ported (with corrections) to Freshtomato, but I do not see any commits or updated toolchain files, etc., yet:

https://www.linksysinfo.org/index.php?threads/security-issue-dns-poisoning.77318/

Again, this is not anything that should affect DD-WRT, as previously stated.

_________________
"Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT
Pogo - A minimal level of ability is expected and needed...
DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)

----------------------
Linux User #377467 counter.li.org / linuxcounter.net
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 14125
Location: Texas, USA

PostPosted: Tue Jun 21, 2022 15:28    Post subject: Reply with quote
Follow-up update:

I have not carefully inspected current publicly released toolchains, other than noticing there are uClibc toolchains in the archive, but this commit makes me go, "hmmm..."

https://github.com/mirror/dd-wrt/commit/b1f56a174cc7a70e68225e379ee0aa496ffe96e2

If you also inspect all of these makefiles, there are references to uclibc; mainly dependent on configuration files - userland binaries may be unaffected, but kernels may not be.

Also verified that FT has indeed made commits for the patches:

https://github.com/pedro0311/freshtomato-arm/search?q=toolchain&type=commits

https://github.com/pedro0311/freshtomato-mips/search?q=toolchain&type=commits

I have not directly inquired within.

_________________
"Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT
Pogo - A minimal level of ability is expected and needed...
DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)

----------------------
Linux User #377467 counter.li.org / linuxcounter.net
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12837
Location: Netherlands

PostPosted: Tue Jun 21, 2022 16:44    Post subject: Reply with quote
Those are just hardcodes to write to that directory and has actually nothing to do with using uClibc.

It really annoyed me, instead of $(ARCH)-uclibc it should use
$(PLATFORMDIR) where

+ifeq ($(CONFIG_MUSL),y)
+export PLATFORM := $(ARCH)-musl
+export PLATFORMDIR := $(TOP)/$(PLATFORM)
+endif

But after spending two days sanitizing the whole source code I gave up.

But no worries DDWRT stopped using uClibc a long time ago at least for all modern routers.

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 14125
Location: Texas, USA

PostPosted: Tue Jun 21, 2022 17:19    Post subject: Reply with quote
I just find it quite another example of obfuscation by default since the uClibc wrapper is present and the config files seem to enable it.

https://github.com/mirror/dd-wrt/tree/master/src/router/configs

Maybe it's just as you have alluded to, for putting it in a staging directory, and nothing more. I'm sure it would be a pain in the ass to remove all references to uClibc if it is not in use, however, I think the Linux 2.4 and Linux 2.6 firmware images may still require uClibc if they are still using the factory firmware binary blobs. I could be wrong, but without confirmation...

Sorry for the noise, lol.

_________________
"Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT
Pogo - A minimal level of ability is expected and needed...
DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)

----------------------
Linux User #377467 counter.li.org / linuxcounter.net
Goto page Previous  1, 2 Display posts from previous:    Page 2 of 2
Post new topic   Reply to topic    DD-WRT Forum Index -> General Questions All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum