this post was submitted on 23 Feb 2024
277 points (98.6% liked)
Technology
59589 readers
3332 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Do routers and access points need patching too?
Yeah, check out this link: https://www.top10vpn.com/research/wifi-vulnerabilities/ , it says any Linux device running Intel’s iNet Wireless Daemon in an AP mode.
Hmm how would one know if their specific AP is affected? Lots of manufacturers won’t release updates.
TL;DR: If you're using a linux based AP, check if you're using iwd. If you are, you need to update immediately. Alternatively, if you're using an OpenWRT based router you're good.
It's not clear to me yet if this is specific to intel wireless devices (edit: the IWD wiki page says that it aims to be "a comprehensive Wi-Fi connectivity solution for Linux based devices" so it looks like it would cover any system using IWD, not just Intel AP's).
The article says "everyone using IWD as an access point" and "affects home WiFi networks".
So I went to the good ol' Arch wiki and it gives some details on iwd:
https://wiki.archlinux.org/title/Iwd
Long story short it looks like at a minimum you would need the iwd package installed on a linux based access point (think open source based routers and probably many ISP ones) and an easy way to test for that appears to be if the apps iwctl, iwd and / or iwmon are anywhere on the system (and / or if iwd is running).
If you run
on a normal linux box or
on openwrt based routers it should give you a clear indication.
The linux based router I'm using here has iw and iwlist but they're for a separate package and no iwd daemon running.
I am still digging on this and will be until I'm happy.
update: iwd 2.13 is vulnerable and was released 2024/01/12 so unless you're bang up to date, if you're using iwd you're exposed.
update: even newer versions of OpenWRT don't appear to use IWD.
Thanks a bunch
No worries. :) It was a bit rambling there for a while but I finally got to the bottom of it all.
The article and / or CVE could have done a much better job of making it clear who wasn't affected or at least how to check if you are.
If these CVEs didn't expose a router that doesn't get updates, many others already have. OpenWRT might be more secure than OEM firmware.
Unfortunately my AP doesn’t support OpenWRT.