hostapd
by Hostap
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-10064 | Hig | 0.49 | 7.5 | 0.04 | Feb 28, 2020 | hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. This was fixed in conjunction with CVE-2016-10743. | ||
| CVE-2016-10743 | Hig | 0.49 | 7.5 | 0.02 | Mar 23, 2019 | hostapd before 2.6 does not prevent use of the low-quality PRNG that is reached by an os_random() function call. | ||
| CVE-2022-37660 | Med | 0.42 | 6.5 | 0.00 | Feb 11, 2025 | In hostapd 2.10 and earlier, the PKEX code remains active even after a successful PKEX association. An attacker that successfully bootstrapped public keys with another entity using PKEX in the past, will be able to subvert a future bootstrapping by passively observing public… | ||
| CVE-2019-13377 | Med | 0.39 | 5.9 | 0.02 | Aug 15, 2019 | The implementations of SAE and EAP-pwd in hostapd and wpa_supplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. An attacker may be able to gain leaked information… | ||
| CVE-2019-11555 | Med | 0.39 | 5.9 | 0.03 | Apr 26, 2019 | The EAP-pwd implementation in hostapd (EAP server) before 2.8 and wpa_supplicant (EAP peer) before 2.8 does not validate fragmentation reassembly state properly for a case where an unexpected fragment could be received. This could result in process termination due to a NULL… | ||
| CVE-2025-24912 | Low | 0.24 | 3.7 | 0.01 | Mar 12, 2025 | hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi devices with RADIUS authentication, an attacker in the position between the hostapd and the RADIUS server may inject crafted RADIUS packets and force RADIUS authentications to fail. |
- risk 0.49cvss 7.5epss 0.04
hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. This was fixed in conjunction with CVE-2016-10743.
- risk 0.49cvss 7.5epss 0.02
hostapd before 2.6 does not prevent use of the low-quality PRNG that is reached by an os_random() function call.
- risk 0.42cvss 6.5epss 0.00
In hostapd 2.10 and earlier, the PKEX code remains active even after a successful PKEX association. An attacker that successfully bootstrapped public keys with another entity using PKEX in the past, will be able to subvert a future bootstrapping by passively observing public…
- risk 0.39cvss 5.9epss 0.02
The implementations of SAE and EAP-pwd in hostapd and wpa_supplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. An attacker may be able to gain leaked information…
- risk 0.39cvss 5.9epss 0.03
The EAP-pwd implementation in hostapd (EAP server) before 2.8 and wpa_supplicant (EAP peer) before 2.8 does not validate fragmentation reassembly state properly for a case where an unexpected fragment could be received. This could result in process termination due to a NULL…
- risk 0.24cvss 3.7epss 0.01
hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi devices with RADIUS authentication, an attacker in the position between the hostapd and the RADIUS server may inject crafted RADIUS packets and force RADIUS authentications to fail.