PT-2019-2181 · Hostap+5 · Hostapd+5

Published 2019-04-10 · Updated 2024-06-15 · CVE-2019-9497

CVSS v3.1: 8.1 High

Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

hostapd with SAE support, versions prior to 2.4
hostapd with EAP-pwd support, versions prior to 2.7
wpa_supplicant with SAE support, versions prior to 2.4
wpa_supplicant with EAP-pwd support, versions prior to 2.7
Description

The issue lies in the EAP-pwd implementations of the hostapd EAP server and the wpa_supplicant EAP peer, which do not validate the scalar and element values received in EAP-pwd-Commit. This may allow an attacker to complete EAP-pwd authentication without knowing the password, potentially affecting the integrity and confidentiality of data, as well as causing a denial of service. However, the attacker will not be able to derive the session key or complete the key exchange unless the crypto library also fails to perform additional checks on the EC point.
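The following is an added illustration of the validation the description says was missing, written for this page and not taken from hostapd or wpa_supplicant. It checks a peer's EAP-pwd-Commit scalar and element on NIST P-256 before they are used: the scalar must lie strictly between 1 and the group order, and the element must be a finite point on the curve with the group order. The 96-byte commit layout (x || y || scalar, big-endian), the function names and the sample inputs are assumptions of this example.

```python
# Added example: validating the scalar and element of an EAP-pwd-Commit
# before using them (NIST P-256). Illustrative code written for this page,
# not the hostapd/wpa_supplicant implementation; the 96-byte commit layout
# (x || y || scalar, big-endian) and the function names are assumptions.

# NIST P-256 domain parameters: field prime, curve y^2 = x^3 + a*x + b, order q
P256_P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
P256_A = P256_P - 3
P256_B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
P256_Q = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551
P256_G = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
          0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)
INF = None  # the point at infinity


def ec_add(p1, p2):
    """Affine point addition on P-256 (inputs must be on the curve or INF)."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2:
        if (y1 + y2) % P256_P == 0:
            return INF  # p2 == -p1
        lam = (3 * x1 * x1 + P256_A) * pow(2 * y1, -1, P256_P) % P256_P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P256_P) % P256_P
    x3 = (lam * lam - x1 - x2) % P256_P
    y3 = (lam * (x1 - x3) - y1) % P256_P
    return (x3, y3)


def ec_mul(k, pt):
    """Double-and-add scalar multiplication (not constant time; illustration only)."""
    acc = INF
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc


def on_curve(pt):
    """True if pt is a finite point whose coordinates satisfy the P-256 equation."""
    x, y = pt
    if not (0 <= x < P256_P and 0 <= y < P256_P):
        return False
    return (y * y - (x * x * x + P256_A * x + P256_B)) % P256_P == 0


def check_commit(scalar, element):
    """Return "ok" if the peer's commit values are acceptable, else the reason.

    These are the checks the vulnerable versions skipped: the scalar must lie
    in (1, q) and the element must be a finite curve point of order q.
    """
    if not 1 < scalar < P256_Q:
        return "scalar out of range"
    if element is INF:
        return "element is point at infinity"
    if not on_curve(element):
        return "element not on curve"
    # On P-256 (cofactor 1) every finite curve point already has order q; the
    # multiplication is kept so the same routine stays safe on curves with a
    # cofactor > 1, where small-subgroup points would otherwise slip through.
    if ec_mul(P256_Q, element) is not INF:
        return "element has wrong order"
    return "ok"


def encode_commit(scalar, element):
    """Build the (assumed) 96-byte commit payload: x || y || scalar."""
    x, y = element
    return x.to_bytes(32, "big") + y.to_bytes(32, "big") + scalar.to_bytes(32, "big")


def accept_commit(payload):
    """Parse a received commit and validate it before any further use."""
    if len(payload) != 96:
        return "bad length"
    x = int.from_bytes(payload[0:32], "big")
    y = int.from_bytes(payload[32:64], "big")
    scalar = int.from_bytes(payload[64:96], "big")
    return check_commit(scalar, (x, y))


if __name__ == "__main__":
    # Constructed sample inputs: an honest commit and two malformed ones.
    honest = encode_commit(12345, ec_mul(7, P256_G))
    print(accept_commit(honest))        # ok
    print(accept_commit(b"\x00" * 96))  # scalar out of range
    bent = encode_commit(5, (P256_G[0], (P256_G[1] + 1) % P256_P))
    print(accept_commit(bent))          # element not on curve
```

A real implementation would hand the range and point checks to the crypto library (which is what the description's last sentence refers to), but performing them in the protocol layer as well means a commit with a degenerate scalar or an off-curve element is rejected before any key material is derived from it.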
Recommendations

For hostapd with SAE support, versions prior to 2.4: update to a version later than 2.4 to resolve the issue.
For hostapd with EAP-pwd support, versions prior to 2.7: update to a version later than 2.7 to resolve the issue.
For wpa_supplicant with SAE support, versions prior to 2.4: update to a version later than 2.4 to resolve the issue.
For wpa_supplicant with EAP-pwd support, versions prior to 2.7: update to a version later than 2.7 to resolve the issue.

Weakness Enumeration

Improper Authentication

Related Identifiers

ALT-PU-2019-2497
ALT-PU-2019-2498
ALT-PU-2019-2554
ALT-PU-2020-3139
ALT-PU-2022-1980
BDU:2019-01947
CVE-2019-9497
DLA-1867-1
DSA-4430-1
OPENSUSE-SU-2020:0222-1
OPENSUSE-SU-2020:2053-1
OPENSUSE-SU-2020:2059-1
OPENSUSE-SU-2020_0222-1
OPENSUSE-SU-2020_2053-1
OPENSUSE-SU-2020_2059-1
OPENSUSE-SU-2024:10846-1
OPENSUSE-SU-2024:11515-1
SUSE-SU-2020:3380-1
SUSE-SU-2020:3424-1
SUSE-SU-2022:1853-1
USN-3944-1

Affected Products

ALT Linux
FreeBSD
SUSE
Ubuntu
hostapd
wpa_supplicant