An exploitable denial-of-service vulnerability exists in the hostapd 2.6, where an attacker could trigger AP to send IAPP location updates for stations, before the required authentication process has completed. This could lead to different denial of service scenarios, either by causing CAM table attacks, or by leading to traffic flapping if faking already existing clients in other nearby Aps of the same wireless infrastructure. An attacker can forge Authentication and Association Request packets to trigger this vulnerability.
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HW1.fi Hostapd
APPW1.Fi2.6
Related vulnerabilities
The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-ch...
The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channe...
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subs...
hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any...
The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar an...