Wi-Fi router vendors have started issuing patches to defend their products against Google Chromecast devices.

TP-Link and Linksys were first out of the blocks with firmware fixes, and TP-Link has posted this explanation of the issue.

The bug is not in the routers, but in Google's "Cast" feature, used in Chromecast, Google Home, and other devices. Cast sends multicast DNS (MDNS) packets as a keep-alive for connections to products like Google Home, and it seems someone forgot to configure the feature to go quiet when Chromecast devices are sleeping.

That, at least, is how Vulture South reads the issue that TP-Link's engineer described:

“These packets normally sent in a 20-second interval. However, we have discovered that the devices will sometimes broadcast a large amount of these packets at a very high speed in a short amount of time. This occurs when the device is awakened from the 'sleep mode', and could exceed more than 100,000 packets in a short amount of time.”

It continues: “The longer your device is in 'sleep', the larger this packet burst will be.”

If left alone long enough, TP-Link warned, the burst will fill up the router's memory and leave a reboot the only option to restore connectivity.

As a poster to this Reddit thread noted, MDNS uses UDP – and UDP doesn't have congestion control.

Linksys posted its firmware update here, while Netgear acknowledged the issue and put up a beta firmware release here.

ASUS users may also be affected.

It should be noted that the router vendors' fixes are mitigations while the world waits for Google to patch Cast. ®

UPDATE: The Register understands that Google has admitted to the flaw, said it impacts a "small number" of users, and committed to providing a fix in short order.