For those not familiar with every CVE ID, that's a WiFi driver bug for a "chipset commonly used on embedded platforms that support Wifi6 (802.11ax) including Ubiquiti, Xiaomi, and Netgear devices"
Luckily recent openwrt releases, mainline Linux don’t use the proprietary driver that powers this daemon nor the vulnerable daemon. Since 2023 except for xiaomi routers they shouldn’t be affected I want to add
For those not familiar with every CVE ID, that's a WiFi driver bug for a "chipset commonly used on embedded platforms that support Wifi6 (802.11ax) including Ubiquiti, Xiaomi, and Netgear devices"
Luckily recent openwrt releases, mainline Linux don’t use the proprietary driver that powers this daemon nor the vulnerable daemon. Since 2023 except for xiaomi routers they shouldn’t be affected I want to add
From the other thread: Ubiquiti devices are not impacted by this. [0][1]
[0]: https://community.ui.com/questions/CVE-2024-20017/b3f1a425-d...
[1]: https://news.ycombinator.com/item?id=41610266
Recent and related:
Critical Exploit in MediaTek Wi-Fi Chipsets: Zero-Click Vulnerability - https://news.ycombinator.com/item?id=41605680 - Sept 2024 (97 comments)
I would have really chuckled if there were 2 exploits.