There is a potentially pretty bad wpa-supplicant vulnerability: http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt The distros are obviously patching this already but I'm posting since several people on the list may be running self-built wpa-supplicant... The vulnerability requires CONFIG_P2P but may be exploitable even in non-P2P usage. Jussi