Note:
This project will be discontinued after December 13, 2021. [more]
2019-12-12
An exploitable denial-of-service vulnerability exists in the 802.11w security state handling for hostapd 2.6 connected clients with valid 802.11w sessions. By simulating an incomplete new association, an attacker can trigger a deauthentication against stations using 802.11w, resulting in a denial of service.
Products | Hostapd |
Type | Origin Validation Error (CWE-346) |
First patch | - None (likely due to unavailable code) |
Links | https://talosintelligence.com/vulnerability_reports/TALOS-2019-0850 |