OpenWrt Emergency patch: 25.12.2 fixes critical MediaTek Wi-Fi regression
OpenWrt Emergency patch: 25.12.2 fixes critical MediaTek Wi-Fi regression
- 60% of MD5 Password Hashes Can Be Cracked in Under an Hour with a Single GPU
- Dirty Frag: Root Access on Every Major Linux Distribution — No Patch, No Warning
- Ubuntu 26.04 LTS (Resolute Raccoon): The Most Ambitious Ubuntu LTS in a Decade
- Proton Mail: Data Transferred to FBI Again!
- How Close Are Quantum Computers to Breaking RSA-2048?
- How to Prevent Ransomware Infection Risks?
- What is the best alternative to Microsoft Office?
OpenWrt Emergency patch: 25.12.2 fixes critical MediaTek Wi-Fi regression
The second service release of OpenWrt 25.12 arrived just eight days after 25.12.1, driven by a severe 2.4 GHz latency bug that broke dozens of popular routers.
25.12 release timeline
- 5 Mar 2026 25.12.0 — First stable release. Over 4,700 commits since 24.10; new apk package manager, attended sysupgrade, 2,240+ supported devices.
- 18 Mar 2026 25.12.1 — Security-focused service release. Five CVEs patched (Trail of Bits audit), including two HIGH-severity stack buffer overflows in umdns.
- 26 Mar 2026 25.12.2 — Emergency service release. Fixes severe mt76 Wi-Fi latency regression introduced by 25.12.1, plus device-bricking and SFP+ failures.
Three major releases in under four weeks. That pace is exceptional for a project that historically issued service updates roughly every two months for the 24.10 series. OpenWrt 25.12.2, released on 26 March 2026, is not routine housekeeping — it is a targeted emergency response to a regression that the previous update itself introduced.
Previous
Current stable
The regression that forced the release
When 25.12.1 shipped, it inadvertently introduced a severe Wi-Fi latency regression on 2.4 GHz in the mt76 driver stack. Affected users reported latency spikes of up to 30 seconds or more, effectively making wireless unusable on a wide range of MediaTek-based hardware.
A latency regression of up to 30+ seconds on 2.4 GHz is not a minor inconvenience — it is a complete breakdown of wireless service for anyone on affected hardware.
Devices confirmed affected by the mt76 regression
- OpenWrt One (reference device)
- Zyxel EX5601-T0
- ASUS RT-AX53U
- Xiaomi AX3000T and AX6000
- Cudy WR3000 and X6
- GL.iNet Flint 2 (GL-MT6000)
- Many other MediaTek MT7615 / MT7915 / MT7996 / MT7992 / MT792x devices
Beyond the latency fix, 25.12.2 includes multiple further stability improvements for the entire MediaTek Wi-Fi chipset family: per-link beacon monitoring for Multi-Link Operation (MLO), fixes to MT7996/MT7992 link handling during MLO station transitions, and a spinlock fix for a scan work requeue race condition.
Additional Wi-Fi fixes
wifi-scripts: 160 MHz channel width now correctly passed to hostapd — previously it was silently ignored (issue #22481)wifi-scripts: SU beamformee antenna count corrected — wrong count was being sent to the driverhostapd: Memory leak in Radio Resource Management (RRM) ubus interface fixedmac80211 / ath12k: Thermal sensor support added for Qualcomm QCA/IPQ devicesmac80211 / ath9k: GPIO mask handling from device tree corrected
Device-specific fixes
Several fixes address regressions that could brick hardware or prevent devices from booting at all — a high-severity class of bug that warrants an expedited release regardless of any other changes.
- ramips: Kernel decompress error that bricked ELECOM WRC-X1800GS on 25.12.0 is resolved (issue #22270)
- ramips: Fixed initramfs kernel load address for TP-Link EAP615-Wall v1
- ramips: MAC address assignment corrected for Xiaomi Mi AC2100
- mediatek (Bananapi BPI-R4): SFP+ electric module support restored — modules stopped working after a snapshot upgrade (issue #19878)
- ipq40xx: ART partition name fixed for Linksys Velop WHW03 V1 — restores correct Wi-Fi calibration data access
- ipq40xx: MAC address reading fixed for Linksys devices using eMMC-based NVMEM
- ath79: Initramfs boot fixed for Huawei AP5030DN and AP6010DN
- ath79: VLAN CPU port tagging corrected on 2-CPU-port devices
- ath79: Incorrectly included Wi-Fi packages removed from Mikrotik RB750r2 (device has no Wi-Fi hardware)
- apm821xx: U-Boot environment definitions fixed for NETGEAR WNDR4700, Western Digital MyBookLive, Meraki MR24, and Meraki MX60; PCIe boot failure on Meraki MX60 resolved
- lantiq xrx200: Failsafe mode fixed on BT HomeHub 5A — LAN ports 1 & 2 now work correctly in failsafe (issue #22480)
- realtek: D-Link fan control script fixed
- airoha: Kernel module
kmod-pwm-an7581renamed tokmod-pwm-airoha— users with this package explicitly installed must reinstall under the new name
Known issues remaining in 25.12.2
Not every open issue was resolved in this release. The following known problems carry forward and should be reviewed before upgrading:
- Pixel 10 phones have problems connecting to WPA3-protected Wi-Fi 6 access points (issue #21486)
- 802.11r Fast Transition (FT) causes connection problems with some Wi-Fi clients when WPA3 is in use (issue #22200)
- SQM CAKE MQ (
cake_mq) throughput may be unexpectedly low on some configurations following the scheduler fixes in 25.12.1 (issue #22344) - Meraki MX60: Direct sysupgrade to 25.12.2 is not possible without manual preparation —
meraki_loadaddrmust be changed before upgrading. See the device wiki page for instructions.
Upgrade notes
For most users, upgrading within the 25.12 stable series is supported via Attended Sysupgrade (ASU), which preserves installed packages. Direct sysupgrade from 23.05 or earlier is not officially supported — a full reflash is required.
Users of Zyxel EX5601-T0 should verify their WAN interface configuration after upgrading, as the interface was renamed from eth1 to wan in 25.12.1 and this applies to 25.12.2 as well.
Users with kmod-pwm-an7581 explicitly installed on Airoha hardware must reinstall the package under its new name, kmod-pwm-airoha, after upgrading.
Why is 25.12 updating so rapidly?
The 25.12 series represents the largest OpenWrt release in the project’s history — over 4,700 commits, support for 2,240+ devices, a completely new package manager (apk replacing opkg), and a rewritten Wi-Fi scripting layer in ucode. The scope of those changes naturally increases the surface area for regressions.
The 25.12.1 security release, while necessary, introduced the mt76 latency regression precisely because it was touching the Wi-Fi subsystem to address the CVEs found during the Trail of Bits security audit. The downstream cost was a broken 2.4 GHz experience for a large number of MediaTek router users — a demographic that represents a significant portion of the OpenWrt install base.
25.12.2 is therefore best understood as a consequence of responsible security patching in a complex codebase, not as a sign of instability. The rapid turnaround — eight days from the regression’s introduction to its fix landing in a stable release — demonstrates that the project’s maintenance pipeline is functioning well under pressure.
Users on 24.10 who have been holding off upgrading to 25.12 should be aware that the 24.10 branch entered its end-of-life wind-down period with the release of 25.12.0 and will stop receiving security updates in September 2026.
