Status of Dnsmasq & Aggregation and Fragmentation Vuln Patches?

christopher.ryan · July 26, 2021, 10:50pm

I’m pretty new to finding information on Sierra Wireless’ website, but I know that it’s extremely tedious to find anything I’m looking for. Does anyone know what the status is form the vulnerabilities that plague all of our MP70 units (and most Sierra Wireless products)? I think I saw that AELOS 4.15 might fix some things, but am not sure when that’s slated to come out since June 2021 has passed and it’s still not out.

I’m specifically looking for the 4 most recent vulnerabilities on the security page: IoT Security: Updates & Information | Sierra Wireless

|SWI-PSA-2021-004: Bluetooth Core Specification Vulnerabilities|May 25, 2021
|SWI-PSA-2021-003: Aggregation and Fragmentation Attacks Vulnerabilities May 11, 2021
|SWI-PSA-2021-002: Dnsmasq Vulnerabilities January 20, 2021
SWI-PSA-2021-001: ALEOS Buffer Overflow and Filesystem Disclosure Vulnerability January 19, 2021

Donald · July 30, 2021, 11:27am

Hi christopher.ryan

This is the latest status of Security Updates & Information
The ALEOS 4.15 firmware version will be released in the future.
For an update on when it will be available, please subscribe to the https://source.sierrawireless.com/.

christopher.ryan · August 10, 2021, 3:08pm

Hi Donald,

Yea I was looking more for status, or more granular timelines since that doesn’t really seem to be available.

Topic		Replies	Views
Old Firmware MP70 AirLink Routers	2	1008	November 23, 2020
Looking for Link to MP70 Firmware and Radio FW AirLink Routers	1	1069	April 12, 2021
Rv50 aleos 4.15.3 AirLink Routers fw-upgrade	3	1404	April 21, 2022
RV55 4.17.0.012 Firmware in ALMS AirLink Routers fw-upgrade	3	335	January 19, 2024
RV50 DDoS GB/hr Takeover (Mirai?) AirLink routers	1	1017	April 23, 2018

Status of Dnsmasq & Aggregation and Fragmentation Vuln Patches?

Related topics