CVE-2019-5062

Name of the Vulnerable Software and Affected Versions hostapd version 2.6

Description An issue exists in the 802.11w security state handling for connected clients with valid 802.11w sessions. By simulating an incomplete new association, an attacker can trigger a deauthentication against stations using 802.11w, resulting in a denial of service.

Recommendations For hostapd version 2.6, consider disabling the 802.11w security feature as a temporary workaround until a patch is available. Restrict access to the network to minimize the risk of exploitation. Avoid using 802.11w sessions in the affected hostapd version until the issue is resolved.