Expected behavior violation in hostapd - CVE-2019-5061
Published: December 16, 2019
Vulnerability identifier: #VU23612
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2019-5061
CWE-ID: CWE-440
Exploitation vector: Adjecent network
Exploit availability:
No public exploit available
Vendor: Jouni Malinen
Affected software:
hostapd
hostapd
Detailed vulnerability description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an Authentication and AssociationRequest packet is sent before the station has successfully authenticated. A remote attacker on the local network can iterate through a large set of unique MAC addresses to trigger DoS attacks within the upstream network infrastructure.
This can lead to different denial of service scenarios, either by causing CAM table attacks, or by leading to traffic flapping if faking already existing clients in other nearby Aps of the same wireless infrastructure.
Note: This vulnerability affects hostapd Ubiquiti AP-AC-Pro firmware 4.0.10.9653
How to mitigate CVE-2019-5061
Install updates from vendor's website.