CVE-2019-5062

Summary

An exploitable denial-of-service vulnerability exists in the 802.11w security state handling for hostapd 2.6 connected clients with valid 802.11w sessions. By simulating an incomplete new association, an attacker can trigger a deauthentication against stations using 802.11w, resulting in a denial of service.

Affected Software

VendorProductVersion RangeStatus
n/aW1.f1hostapd version 2.6 on a Raspberry Pi.affected

Weaknesses

  • CWE-440: CWE-440: Expected Behavior Violation

ADP Enrichment

CVE Program Container

Additional References

References