The LineageOS custom Android ROM project has merged code into its codebase which makes the mobile operating system more resistant to the newly discovered WPA2 vulnerabilities. It’s unclear whether the several commits which Dan Pasanen made mitigate all of the vulnerabilities but there’s a good chance they do given the amount of them made.
If LineageOS has completely closed the attack vectors detailed by the researchers it marks a significant step on the mobile front. Several Linux distributions and Windows machines have already been patched, Apple and Google devices are expected to be updated in the coming weeks. There is significant concern, however, that third-party Android devices, in particular, will be left open to exploitation due to lax patching procedures from OEMs, many of whom, write off devices soon after releasing them and turn their focus towards their next project.
Google is expected to patch its supported devices in early November when it pushes its monthly patches. With LineageOS being one of the biggest custom ROMs, its patch has a good chance of landing on thousands of devices in the coming months. Hopefully, we will now see other custom ROM communities implement similar fixes.
12 Comments - Add comment