Sone127 Patched -

Staying on older firmware (never updating) is the only way to keep Sone127.

The authentication function sone_auth_validate() has been refactored to use file locking ( flock() ) and atomic operations. The window for a TOCTOU attack has been reduced from 250ms to effectively 0ms by using compare-and-swap (CAS) instructions. sone127 patched