Security: Random cypto generator broken in MIPS Kernel

RouterOS General
1

Some weeks ago a bug in the random function get_cycles() of the Linux kernel for MIPS processors was discovered.

e.g. https://lists.openwrt.org/pipermail/openwrt-devel/2013-September/021318.html

And 10 days ago a fix was provided for this:

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9c9b415c50bc298ac61412dff856eae2f54889ee

My questions are:

  1. Is the RouterOS vulnerable? Which versions are?
  2. Is the IPsec Implementation vulnerable?
  3. When will you release a fix?
2

Good question!!!

MikroTik continuously improve Router OS, bestway to make your MikroTik router safe and secure, just check MikroTik site for latest Router OS version and upgrade your own router accordingly.

Good Luck

3

No answer?

4

Still no answer? I’ve also sent a mail to the mikrotik support but also no answer there either …do I need to consider the ipsec part to be brocken for the future?