OpenWrt 24.10.6 - Service Release

Hauke Mehrtens hauke at hauke-m.de
Wed Mar 18 16:14:46 PDT 2026 

Hi,

The OpenWrt community is proud to announce the newest stable release of 
the OpenWrt 24.10 stable series.

Download firmware images using the OpenWrt Firmware Selector:
   * https://firmware-selector.openwrt.org/?version=24.10.6

Download firmware images directly from our download servers:
   * https://downloads.openwrt.org/releases/24.10.6/targets/

Main changes between OpenWrt 24.10.5 and OpenWrt 24.10.6
==========================

Only the main changes are listed below.  See 
[changelog-24.10.6](https://openwrt.org/releases/24.10/changelog-24.10.6) 
for the full changelog.

Security fixes
==========

OpenWrt components (Trail of Bits audit, February 2026):
   * CVE-2026-30871: Stack buffer overflow in umdns DNS PTR query 
handling (HIGH)
   * CVE-2026-30872: Stack buffer overflow in umdns IPv6 reverse DNS 
lookup (HIGH)
   * CVE-2026-30873: Memory leak in jsonpath when processing strings, 
labels, and regexp tokens (LOW)
   * CVE-2026-30874: Command execution via PATH environment variable 
filter bypass in procd (LOW)

LuCI:
   * CVE-2026-32721: Possible XSS attack via malicious SSID in LuCI WiFi 
scan modal (MEDIUM)

OpenSSL:
   * openssl: update to 3.0.19, fixing multiple security vulnerabilities

Device support
===========

   * airoha: an7581: fix switch port and LED functionality
   * ath79: CF-EW71 v2: fix MAC address assignment
   * imx: Gateworks Venice GW72xx-2x, GW73xx-2x, GW75xx-0x, GW75xx-2x: 
add sysupgrade support
   * ipq40xx: ASUS Lyra: fix reading of WiFi calibration data
   * lantiq: fix GPIO expander clock, restoring correct LED and GPIO 
behaviour on affected devices
   * mediatek: Banana Pi BPi-R3: fix PWM fan speed control — medium 
cooling level now works correctly
   * mediatek: Cudy AP3000 v1, Cudy WR3000H: fix Ethernet connectivity 
on units with a Motorcomm PHY
   * mediatek: Cudy M3000, ramips: Cudy AP1300 Outdoor: fix incorrect 
Ethernet port assignment
   * mediatek: Cudy WR3000P: enable USB 3.0 support in default firmware 
image
   * mediatek: GL-MT2500: fix sysupgrade compatibility from earlier releases
   * mt7620: fix potential crash on MT7620-based devices
   * ramips: mt76x8: fix boot counter tracking
   * realtek: GS1900-24E: fix switch reliability


Various fixes and improvements
====================

   * imx: cortexa53: fix memory allocation for DMA-intensive operations
   * jsonpath: fix memory leak (CVE-2026-30873)
   * mac80211: ath11k: fix crash caused by unsupported 11ax EDCA parameters
   * mac80211: ath9k: fix WiFi hang — chip is now automatically reset on 
inactivity
   * mt76: mt76x02: fix WiFi traffic stall after interface reconfiguration
   * procd: fix security issues (CVE-2026-30874) and other improvements
   * umdns: fix security issues (CVE-2026-30871, CVE-2026-30872)

Core components update
==============

   * Linux kernel: update from 6.6.119 to 6.6.127
   * openssl: update from 3.0.18 to 3.0.19
   * procd: update from 2024-12-22 to 2026-03-14
   * umdns: update from 2025-02-10 to 2026-02-06
   * wireless-regdb: update from 2025.10.07 to 2026.02.04

OpenWrt 24.10 end of life
===================

With the release of OpenWrt 25.12 stable series, the OpenWrt 24.10 
stable series will go end of life in 6 months. We will not provide 
security updates for OpenWrt 24.10 after September 2026. We encourage 
everyone to upgrade to OpenWrt 25.12 before September 2026.

Upgrading to 24.10
===================

Sysupgrade can be used to upgrade a device from 23.05 to 24.10, and 
configuration will be preserved in most cases.

For for upgrades inside the OpenWrt 24.10 stable series for example from 
a OpenWrt 24.10 release candidate [Attended 
Sysupgrade](https://openwrt.org/docs/guide-user/installation/attended.sysupgrade) 
is supported in addition which allows preserving the installed packages too.

  * Sysupgrade from 22.03 to 24.10 is not officially supported.

  * There is no configuration migration path for users of the ipq806x 
target for Qualcomm Atheros IPQ806X SoCs because it switched to 
[DSA](https://openwrt.org/docs/guide-user/network/dsa/start). You have 
to upgrade without saving the configuration.
''Image version mismatch. image 1.1 device 1.0 Please wipe config during 
upgrade (force required) or reinstall. Config cannot be migrated from 
swconfig to DSA Image check failed''

  * User of the Linksys E8450 aka. Belkin RT3200 running OpenWrt 23.05 
or earlier will need to run installer version 
[v1.1.3](https://github.com/dangowrt/owrt-ubi-installer/releases/tag/v1.1.3) 
or later in order to reorganize the UBI layout for the 24.10 release. [A 
detailed description is in the OpenWrt 
wiki.](https://openwrt.org/toh/linksys/e8450#upgrading_an_ubi_installation_to_new_releases_after_2024-02_includes_all_snapshots_2410-snapshots_24100-rcx_releases_and_all_releases_in_the_foreseable_future) 
Updating without using the installer will break the device. Sysupgrade 
will show a warning before doing an incompatible upgrade.

  * Users of the Xiaomi AX3200 aka. Redmi AX6S running OpenWrt 23.05 or 
earlier have to follow a [special upgrade procedure described in the 
wiki](https://openwrt.org/toh/xiaomi/ax3200#upgrading_from_2305_and_earlier_to_upcoming_2410_or_snapshot). 
This will increase the flash memory available for OpenWrt. Updating 
without following the guide in the wiki break the device. Sysupgrade 
will show a warning before doing an incompatible upgrade.

  * Users of Zyxel GS1900 series switches running OpenWrt 23.05 or 
earlier have to perform a new factory install with the initramfs image 
due to a changed partition layout. Sysupgrade will show a warning before 
doing an incompatible upgrade and is not possible. After upgrading, the 
config file /etc/config/system should not be restored from a backup, as 
this will overwrite the new compat_version value.

Known issues
===========

   * **LEDs for Airoha AN8855 are not yet supported.** Devices like the 
Xiaomi AX3000T with an Airoha switch will have their switch LEDs powered 
off. This issue will be addressed in an upcoming OpenWrt SNAPSHOT and 
the OpenWrt 24.10 minor release.
   * **5GHz WiFi is non-functional on certain devices with ath10k 
chipsets.** Affected models include the Phicomm K2T, TP-Link Archer C60 
v3 and possibly others. For details, see [issue 
#14541](https://github.com/openwrt/openwrt/issues/14541).


-----------------

Full release notes and upgrade instructions are available at
  https://openwrt.org/releases/24.10/notes-24.10.6

In particular, make sure to read the regressions and known issues before 
upgrading:
  https://openwrt.org/releases/24.10/notes-24.10.6#known_issues

For a detailed list of all changes since 24.10.5, refer to
  https://openwrt.org/releases/24.10/changelog-24.10.6

To download the 24.10.6 images, navigate to:
  https://downloads.openwrt.org/releases/24.10.6/targets/
Use OpenWrt Firmware Selector to download:
  https://firmware-selector.openwrt.org?version=24.10.6

As always, a big thank you goes to all our active package maintainers, 
testers, documenters and supporters.

Have fun!

The OpenWrt Community

---

To stay informed of new OpenWrt releases and security advisories, there
are new channels available:

   * a low-volume mailing list for important announcements:
https://lists.openwrt.org/mailman/listinfo/openwrt-announce

   * a dedicated "announcements" section in the forum:
https://forum.openwrt.org/c/announcements/14

   * other announcement channels (such as RSS feeds) might be added in the
     future, they will be listed at https://openwrt.org/contact

More information about the openwrt-announce mailing list