My 2c, most routers are linux based and are probably based off the same open-source source code, this is why multiple vendors are affected.
This code/library may have been patched already in later versions and router manufacturers are probably running older kernel releases because of compatibility issues with their SOC's provided by the vendor (possibly only even providing blobs instead of source code) requiring manual patching of the affected older libs to merge in later changes.