CVE-2019-9496

HIGH

hostapd and wpa_supplicant < 2.7 - Denial of Service via SAE Confirm Message

Title source: llm
STIX 2.1

Description

An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd process to terminate, performing a denial of service attack. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected.

References (9)

Core 9
Core References
Patch, Vendor Advisory x_refsource_confirm
https://w1.fi/security/2019-3/
Various Sources vendor-advisory x_refsource_freebsd
https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc
Mailing List mailing-list x_refsource_bugtraq
https://seclists.org/bugtraq/2019/May/40

Scores

CVSS v3 7.5
EPSS 0.0522
EPSS Percentile 91.4%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-287 CWE-642
Status published
Products (5)
fedoraproject/fedora 28
fedoraproject/fedora 29
fedoraproject/fedora 30
w1.fi/hostapd < 2.7
w1.fi/wpa_supplicant < 2.7
Published Apr 17, 2019
Tracked Since Feb 18, 2026