New Wi-Fi vulnerabilities affecting Linux and Android

Post new topic   Reply to topic    DD-WRT Forum Index -> General Questions
View previous topic :: View next topic  
Author Message
raincity
DD-WRT Novice


Joined: 15 Feb 2012
Posts: 34
PostPosted: Wed Feb 28, 2024 19:38    Post subject: New Wi-Fi vulnerabilities affecting Linux and Android Reply with quote
Quote:
The vulnerabilities, tracked as CVE-2023-52160 and CVE-2023-52161, have been discovered following a security evaluation of wpa_supplicant and Intel's iNet Wireless Daemon (IWD), respectively.

https://thehackernews.com/2024/02/new-wi-fi-vulnerabilities-expose.html

These affect both Wi-Fi clients and access points.

Does the Linux vulnerability include the implementation of Linux in DD-WRT?
Back to top View user's profile Send private message Send e-mail
Sponsor
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 14249
Location: Texas, USA
PostPosted: Thu Feb 29, 2024 1:46    Post subject: Reply with quote
Patches backported to older hostapd versions, otherwise, with the newest hostapd version in use:
BrainSlayer wrote:
second cve belongs to iwd only which is not used by dd-wrt. first is for peap authentication only under certain circumstances. the fix for it will turn existing peop configurations incompatible since it's basically a enforced extended configuration parameter for securing it.

https://svn.dd-wrt.com/changeset/55221

https://svn.dd-wrt.com/changeset/55222

https://svn.dd-wrt.com/changeset/55224

https://svn.dd-wrt.com/changeset/55225

https://svn.dd-wrt.com/changeset/55226

https://svn.dd-wrt.com/changeset/55235

https://svn.dd-wrt.com/changeset/55236
_________________
"Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT
Pogo - A minimal level of ability is expected and needed...
DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)
----------------------
Linux User #377467 counter.li.org / linuxcounter.net
Back to top View user's profile Send private message Visit poster's website
raincity
DD-WRT Novice


Joined: 15 Feb 2012
Posts: 34
PostPosted: Thu Feb 29, 2024 22:12    Post subject: Reply with quote
kernel-panic69 wrote:
Patches backported to older hostapd versions, otherwise, with the newest hostapd version in use:
BrainSlayer wrote:
second cve belongs to iwd only which is not used by dd-wrt. first is for peap authentication only under certain circumstances. the fix for it will turn existing peop configurations incompatible since it's basically a enforced extended configuration parameter for securing it.


Thanks much!
Back to top View user's profile Send private message Send e-mail
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> General Questions All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum