projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 76d5ab4) | patch
package/hostapd: fix CVE-2019-16275
authorFabrice Fontaine <fontaine.fabrice@gmail.com>
Mon, 30 Mar 2020 21:54:25 +0000 (23:54 +0200)
committerPeter Korsgaard <peter@korsgaard.com>
Thu, 2 Apr 2020 19:53:23 +0000 (21:53 +0200)
commit749fbab0bb4bad3748d164f8c25485618f0ed1ce
treea09bc9736764d0833f18857530b77effc9955387tree
parent76d5ab4d17fe00514c45323ab077d3b85a7add47commit | diff
package/hostapd: fix CVE-2019-16275

hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect
indication of disconnection in certain situations because source address
validation is mishandled. This is a denial of service that should have
been prevented by PMF (aka management frame protection). The attacker
must send a crafted 802.11 frame from a location that is within the
802.11 communications range.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/hostapd/0001-AP-Silently-ignore-management-frame-from-unexpected-.patch [new file with mode: 0644] blob
package/hostapd/hostapd.mk diff | blob | history