Skip to main content

Hostapd CVE-2019-11555

MEDIUM
NULL Pointer Dereference (CWE-476)
2019-04-26 cve@mitre.org
5.9
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
5.9 MEDIUM
AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
Apr 26, 2019 - 22:29 nvd
MEDIUM 5.9

DescriptionNVD

The EAP-pwd implementation in hostapd (EAP server) before 2.8 and wpa_supplicant (EAP peer) before 2.8 does not validate fragmentation reassembly state properly for a case where an unexpected fragment could be received. This could result in process termination due to a NULL pointer dereference (denial of service). This affects eap_server/eap_server_pwd.c and eap_peer/eap_pwd.c.

AnalysisAI

The EAP-pwd implementation in hostapd (EAP server) before 2.8 and wpa_supplicant (EAP peer) before 2.8 does not validate fragmentation reassembly state properly for a case where an unexpected. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Technical ContextAI

This vulnerability is classified as NULL Pointer Dereference (CWE-476), which allows attackers to crash the application by dereferencing a null pointer. The EAP-pwd implementation in hostapd (EAP server) before 2.8 and wpa_supplicant (EAP peer) before 2.8 does not validate fragmentation reassembly state properly for a case where an unexpected fragment could be received. This could result in process termination due to a NULL pointer dereference (denial of service). This affects eap_server/eap_server_pwd.c and eap_peer/eap_pwd.c. Affected products include: W1.Fi Hostapd, W1.Fi Wpa Supplicant. Version information: before 2.8.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Check pointers before dereferencing. Use static analysis tools to detect null pointer paths.

CVE-2017-13082 HIGH POC
8.1 Oct 17

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PT

CVE-2019-9499 HIGH
8.1 Apr 17

The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missing explicit validati

CVE-2019-9498 HIGH
8.1 Apr 17

The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on

CVE-2019-9497 HIGH
8.1 Apr 17

The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element

CVE-2014-3686 MEDIUM
6.8 Oct 16

wpa_supplicant and hostapd 0.7.2 through 2.2, when running with certain configurations and using wpa_cli or hostapd_cli

CVE-2016-4476 HIGH
7.5 May 09

hostapd 0.6.7 through 2.5 and wpa_supplicant 0.6.7 through 2.5 do not reject \n and \r characters in passphrase paramete

CVE-2020-12695 HIGH
7.5 Jun 08

The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription r

CVE-2019-9496 HIGH
7.5 Apr 17

An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps

CVE-2026-58374 HIGH
7.1 Jun 30

Denial of service in hostapd 2.11 through pre-2.12 development snapshots (built with CONFIG_IEEE80211BE) lets an unauthe

CVE-2017-13084 MEDIUM
6.8 Oct 17

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) du

CVE-2017-13077 MEDIUM
6.8 Oct 17

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during

CVE-2017-13086 MEDIUM
6.8 Oct 17

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) duri

Share

CVE-2019-11555 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy