[OpenWrt-Devel] MIPS stack security and other problems

Dave Taht dave at taht.net
Tue Dec 18 10:05:41 EST 2018

Hauke Mehrtens <hauke at hauke-m.de> writes:

> On 12/17/18 1:54 AM, Dave Taht wrote:
>> A pretty deep look at home MIPS and arm routers, and a surprising bug in Linux/MIPS - by mudge and co:
>> https://cyber-itl.org/2018/12/07/a-look-at-home-routers-and-linux-mips.html
>> I have no idea if current openwrt, or what prior releases... are subject to
>> the problems they outline.
> In the second paper "Build Safety of Software in 28 Popular Home Router"
> [0] they checked the "security" of multiple popular devices, by checking
> if they activate ASLR, Non stack Exec, Relro and stack guards. The best
> device was the Linksys wrt32x and this is based on OpenWrt with not so
> many modifications. ;-) Just something like Samba downgrade to 3.0.37.
> The paper also wonders why the other Linksys devices like the wrt1900ac
> are much worse, but they probably do not use OpenWrt or a much older
> version. The GPL source code tar.gz of the Linksys wrt32x, begins with
> cloning from https://github.com/openwrt/openwrt.git
> It is also interesting how different this approve to security checking
> is to what the German BSI published in the "BSI TR-03148: Secure
> Broadband Router:" [1].
> You can build a device which scores 100% in the one and 0% in the other,
> there is no overlap. ;-)

It isn't really something I can put smiley faces about.

How many of the 28 can be reflashed with modern openwrt?

> Hauke
> [0]:
> https://cyber-itl.org/assets/papers/2018/build_safety_of_software_in_28_popular_home_routers.pdf
> [1]:
> https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR03148/TR03148.pdf?__blob=publicationFile&v=2

openwrt-devel mailing list
openwrt-devel at lists.openwrt.org

More information about the openwrt-devel mailing list