Firmware-update: OpenWrt 25.12.1

Versie 25.12.1 van OpenWrt is uitgekomen. OpenWrt is alternatieve opensourcefirmware voor een groot aantal verschillende routers en embedded devices. Door middel van het apk-packagemanagementsysteem is er de mogelijkheid om zelf te bepalen wat de router allemaal wel en niet kan. Ook op GoT zijn er diverse mensen actief mee bezig: zie daarvoor dit topic. Bijwerken van de versie kan met een Attended Sysupgrade, handmatig met een voorgecompileerde firmwareversie van het apparaat dat je gebruikt of compileer je eigen variant met de firmwareselectie. De changelog voor deze uitgave kan hieronder worden gevonden.

Security fixes

OpenWrt components (Trail of Bits audit, February 2026):

• CVE-2026-30871: Stack buffer overflow in umdns DNS PTR query handling (HIGH)
• CVE-2026-30872: Stack buffer overflow in umdns IPv6 reverse DNS lookup (HIGH)
• CVE-2026-30873: Memory leak in jsonpath when processing strings, labels, and regexp tokens (LOW)
• CVE-2026-30874: Command execution via PATH environment variable filter bypass in procd (LOW)

LuCI:

• CVE-2026-32721: Possible XSS attack via malicious SSID in LuCI WiFi scan modal (HIGH)

Additional hardening from the same Trail of Bits audit (no CVE assigned):

• odhcpd: fix stack buffer overflow in DHCPv6 Identity Association logging
• procd: fix out-of-bounds write in cgroup path building and cgroup rule application

Device support

• airoha: fix EN7581 PCIe initialization and add x2 (2-lane) link support — improves PCIe reliability and unlocks full bandwidth for affected devices
• ath79: TP-Link RE355 v1, RE450 v1/v2: fix partition alignment to prevent configuration loss on sysupgrade
• ipq40xx: Devolo Magic 2 WiFi next: enable device support
• ipq40xx: re-enable MeshPoint.One target
• ipq806x: AP3935: fix U-Boot NVMEM layout
• lantiq: fix GPIO expander clock (gpio-stp-xway) — restores correct LED and GPIO behaviour on affected devices
• lantiq: fix missing WAN MAC address assignment on some devices
• mediatek: Cudy M3000: add support for hardware variant with Motorcomm YT8821 PHY (previously only the Realtek PHY variant was supported)
• mediatek: TP-Link BE450: fix 10GbE PHY reset timing that caused intermittent boot stalls, add missing WLAN toggle button, fix reported memory size
• microchipsw: Novarq Tactical 1000: fix swapped SFP I2C buses for ports 1 and 3 — fixes SFP EEPROM read failures
• ramips: Keenetic KN-1910: fix sysupgrade functionality
• realtek: RTL838x-based switches: fix non-functional reboot
• treewide: Linksys devices: fix MAC address assignment

WiFi fixes and improvements

• mac80211: fix crash triggered by Channel Switch Announcement (CSA) when AP VLAN interfaces are in use
• mt76: add MT7990 firmware support (new MediaTek WiFi 7 chipset)
• mt76: mt7915: fix power save mode handling
• mt76: mt7921/MT7902: add MT7902e MCU and DMA layout support
• mt76: mt7996/mt7992: fix crash in transmit path, fix out-of-bounds access during hardware restart, improve MLO/CSA and radar detection support
• wifi-scripts: fix incorrect VHT160 capability advertisement — was incorrectly set on non-160 MHz AP configurations, degrading station upload speed (#22435)
• wifi-scripts: fix malformed wpa_supplicant config when 802.1X EAP credentials (identity, password, certificates) contain spaces (#22212)

Web interface (LuCI) and system fixes

• luci-mod-network: fix XSS vulnerability in WiFi scan modal (CVE-2026-32721)
• ustream-ssl (OpenSSL variant): fix use-after-free crash causing uhttpd (the LuCI web server) to crash under high load (#19349)

Networking and system fixes

• firewall4: set as the preferred firewall package over the legacy firewall package
• iptables: prefer the nftables-backed variants (iptables-nft, ip6tables-nft) when iptables is pulled in as a dependency
• kernel: CAKE QoS scheduler fixes — avoid unnecessary synchronization overhead when running without a rate limit, fix DiffServ rate scaling
• kernel: SFP: improve Huawei MA5671a module support — module is now accessible even when no fiber is connected
• odhcpd: fix segfault when disabling a DHCP interface, fix DHCPv4 lease tree corruption, fix truncated field in DHCPv6 lease queries, fix DNS search list padding
• ppp: fix potential memory safety issue (undefined behavior in memcpy with overlapping buffers); remove the MRU limit patch for PPPoE connections (#573)

Package manager (apk)

• apk: update to version 3.0.5 with several OpenWrt-specific bug fixes
• apk: add --force-reinstall option to reinstall already-installed packages without requiring a version change

Core component updates

• apk: update from 3.0.2 to 3.0.5
• jsonfilter: update from 2025-10-04 to 2026-03-16 (fixes CVE-2026-30873)
• libubox: update from 2026-02-13 to 2026-03-13 (ABI version stabilized for 25.12 stable series)
• Linux kernel: update from 6.12.71 to 6.12.74
• odhcpd: update from 2026-01-19 to 2026-03-16
• omcproxy: update from 2025-10-04 to 2026-03-07
• procd: update from 2026-02-20 to 2026-03-14 (fixes CVE-2026-30874)
• umdns: update from 2025-10-04 to 2026-02-06 (fixes CVE-2026-30871, CVE-2026-30872)
• ustream-ssl: update from 2025-10-03 to 2026-03-01