Hostap · Hostapd · CVE-2019-5062
**Name of the Vulnerable Software and Affected Versions**
hostapd version 2.6
**Description**
An issue exists in the 802.11w security state handling for connected clients with valid 802.11w sessions. By simulating an incomplete new association, an attacker can trigger a deauthentication against stations using 802.11w, resulting in a denial of service.
**Recommendations**
For hostapd version 2.6, consider disabling the 802.11w security feature as a temporary workaround until a patch is available. Restrict access to the network to minimize the risk of exploitation. Avoid using 802.11w sessions in the affected hostapd version until the issue is resolved.