PT-2019-4181 · Linux+3 · Hostapd+4

Jouni Malinen · Published 2019-09-12 · Updated 2024-10-29 · CVE-2019-16275

CVSS v3.1: 6.5 (Medium)
Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

hostapd versions prior to 2.10
wpa_supplicant versions prior to 2.10

Description

The issue is a denial of service caused by mishandled source address validation, which management frame protection should have prevented. An attacker within 802.11 communications range can send a crafted 802.11 frame that causes associated stations to be disconnected, requiring them to reconnect to the network. This can be achieved by injecting a specially constructed unauthenticated IEEE 802.11 frame to the access point.

Recommendations

For hostapd versions prior to 2.10, update to version 2.10 or later to resolve the issue. For wpa_supplicant versions prior to 2.10, update to version 2.10 or later to resolve the issue. As a temporary workaround, consider restricting access to the network to minimize the risk of exploitation.

Fix

DoS

Origin Validation Error

RCE

Weakness Enumeration

Related Identifiers

ALT-PU-2020-3112
ALT-PU-2020-3113
ALT-PU-2020-3138
ALT-PU-2020-3139
ALT-PU-2021-1466
ALT-PU-2022-1159
ALT-PU-2022-1160
ALT-PU-2022-1927
ALT-PU-2022-1980
ALT-PU-2022-2423
ALT-PU-2023-1833
AZL-6972
BDU:2019-04775
CVE-2019-16275
DLA-1922-1
DSA-4538-1
MGASA-2020-0244
OPENSUSE-SU-2020:2053-1
OPENSUSE-SU-2020:2059-1
OPENSUSE-SU-2020_2053-1
OPENSUSE-SU-2020_2059-1
OPENSUSE-SU-2021:0519-1
OPENSUSE-SU-2021:0545-1
OPENSUSE-SU-2021_0519-1
OPENSUSE-SU-2024:10846-1
OPENSUSE-SU-2024:11515-1
ROSA-SA-2024-2517
SUSE-SU-2020:3380-1
SUSE-SU-2020:3424-1
SUSE-SU-2021:0478-1
SUSE-SU-2021_0478-1
USN-4136-1
USN-4136-2

Affected Products

Alt Linux
Suse
Ubuntu
Hostapd
Wpa Supplicant