TP-LINK Information for VU#177092

KCodes NetUSB kernel driver is vulnerable to buffer overflow

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor is in the process of releasing updated firmware addressing this vulnerability. Below is a list of affected devices, sent by the vendor to the reporter; CERT/CC has not been able to confirm this list directly with the vendor:

DSL Modem Routers

(Model Number)

Hardware VersionRelease Date
Archer VR200vV1.0Already released
TD-W8970 V3.0Already released
TD-W9980 V1.0Already released
Archer D2 V1.0Before 2015/05/22
Archer D5V1.0Before 2015/05/25
Archer D7 V1.0Before 2015/05/25
Archer D9 V1.0Before 2015/05/25
TD-W8968 V3.0Before 2015/05/25
TD-W8980 V3.0Before 2015/05/25
TD-W8968 V1.0Before 2015/05/30
TD-W8968 V2.0Before 2015/05/30
TD-VG3631 V1.0Before 2015/05/30
TD-W8970 V1.0Before 2015/05/30
TD-W8970B V1.0Before 2015/05/30
TD-W8980B V1.0Before 2015/05/30
TD-W9980B V1.0Before 2015/05/30
Archer D7BV1.0Before 2015/05/31
TD-VG3631V1.0Before 2015/05/31
TX-VG1530(GPON)V1.0Before 2015/05/31
TD-VG3511V1.0End-Of-Life

 

Wireless Routers

(Model Number)

Hardware VersionRelease Date
Archer C20V1.0Not affected
Archer C7V2.0Already released
Archer C2 V1.0Before 2015/05/22
Archer C5 V1.2Before 2015/05/22
Archer C9 V1.0Before 2015/05/22
TL-WR3500V1.0Before 2015/05/22
TL-WR3600 V1.0Before 2015/05/22
TL-WR4300 V1.0Before 2015/05/22
Archer C20i V1.0Before 2015/05/25
Archer C5 V2.0Before 2015/05/30
Archer C7 V1.0Before 2015/05/30
Archer C8 V1.0Before 2015/05/30
TL-WR842ND V2.0Before 2015/05/30
TL-WR1043ND V2.0Before 2015/05/30
TL-WR1043ND V3.0Before 2015/05/30
TL-WR1045ND V2.0Before 2015/05/30
TL-WR842NDV1.0End-Of-Life
TD-W1042NDV1.0End-Of-Life
TD-W1043NDV1.0End-Of-Life
TD-WDR4900V1.0End-Of-Life

The exact release date may change due to some unexpected incidents.

Vendor References

None

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.