Just to follow up on this particular problem, There have been a number of CERT releases related to this (ten so far) and from just about every major company. Since the kernel of the mimosa is basically a linux kernel and just about every linux release has this problem, I’m assuming that Mimosa has it too. They just aren’t big enough to yet warrant someone going out and filing a CERT against them yet.
In total, ten CVE numbers have been preserved to describe the vulnerability and its impact, and according to the U.S. Department of Homeland Security (DHS), the main affected vendors are Aruba, Cisco, Espressif Systems, Fortinet, the FreeBSD Project, HostAP, Intel, Juniper Networks, Microchip Technology, Red Hat, Samsung, various units of Toshiba and Ubiquiti Networks.
In addition, Android 6.x onward also has been affected. Oh joy!