Comments

You must log in or register to comment.

5

zombie_berkman wrote

Debian already patched it

4

alqm wrote (edited )

Red Hat patched it yesterday too. Both distros did it the same day. Android phones will remain vulnerable, though. If you use LineageOS and your build is being actively developed, a new security update could slip in with a new build. Or if you're rich enough to keep buying new hardware every 6 months ~ 1 year, you might get an official update from Google too.

Imagine all those people running Android 4.X on 5 year old phones. This vulnerability will probably remain exploitable for years.

3

Mullvaden wrote

Imagine all those people running Android 4.X on 5 year old phones. This vulnerability will probably remain exploitable for years.

This is important. I'm one of these people. While I have the cash I don't want to throw out working phones every 6 months. I'll probably have to switch back to 2G, it's still up in my country and I don't use internet that much when I'm just out on the streets.

2

zorblax wrote

this is a vulnerability in wifi, not the LTE network.

1

Mullvaden wrote

(Had to look that up) yes, but it's easier to remember not to use wifi on the phone if it doesn't have that capability.

1

zorblax wrote

Then turn off wifi? You can still use 4G.

Personally I use wifi so little outside my home I probably will just leave it turned off when I'm out and about.

2

[deleted] wrote (edited )

2

surreal wrote

wonder when was the first time actually someone found this, surely it has been used for attacks till now.