CVE-2015-4142
EPSS 7.1%hostapd - security update
Published: 6/15/2015Modified: 4/28/2026
Description
Integer underflow in the WMM Action frame parser in hostapd 0.5.5 through 2.4 and wpa_supplicant 0.7.0 through 2.4, when used for AP mode MLME/SME functionality, allows remote attackers to cause a denial of service (crash) via a crafted frame, which triggers an out-of-bounds read.
Affected packages (2)
- Debian/hostapdfrom 0, < 1:0.6.10-2+squeeze2
- Debian/wpafrom 0, < 2.3-2.2