CVE-2015-1863 wpa_supplicant vulnerability
Posted: Thu Apr 23, 2015 3:59 pm
A new vulnerability was just announced today relating to wifi security (SSID buffer processing overflow). See http://w1.fi/security/2015-1/wpa_suppli ... erflow.txt. It seems to be related to module wpa_supplicant, which I believe is used by Gargoyle.
I see a patch is being worked over at OpenWRT (search for CVE-2015-1863 at https://dev.openwrt.org). Can someone more knowledgeable (than me) give some guidance on whether this is indeed an issue for Gargoyle (1.6/1.7 series), and how we might find/apply a fix.
Thanks.