CVE-2025-24912

Name
CVE-2025-24912
Description
hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi devices with RADIUS authentication, an attacker in the position between the hostapd and the RADIUS server may inject crafted RADIUS packets and force RADIUS authentications to fail.
NVD Severity
unknown
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
vultures@jpcert.or.jp https://jvn.jp/en/jp/JVN19358384/
vultures@jpcert.or.jp https://w1.fi/cgit/hostap/commit/?id=339a334551ca911187cc870f4f97ef08e11db109
vultures@jpcert.or.jp https://w1.fi/cgit/hostap/commit/?id=726432d7622cc0088ac353d073b59628b590ea44
vultures@jpcert.or.jp https://w1.fi/hostapd/

Match rules

CPE URI Source package Min version Max version
hostapd == 2.11 and earlier == 2.11 and earlier
cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:* hostapd >= None <= 2.11

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
hostapd edge-main 2.11-r4 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
hostapd edge-main 2.11-r3 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
hostapd edge-main 2.11-r2 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
hostapd edge-main 2.11-r1 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
hostapd edge-main 2.10-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
hostapd edge-main 2.9-r6 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
hostapd edge-main 2.9-r5 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
hostapd edge-main 2.9-r4 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
hostapd edge-main 2.9-r3 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
hostapd edge-main 2.9-r2 None possibly vulnerable
hostapd edge-main 2.9-r1 None possibly vulnerable
hostapd edge-main 2.8-r0 None possibly vulnerable
hostapd edge-main 2.6-r2 None possibly vulnerable
hostapd 3.23-main 2.11-r4 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
hostapd 3.22-main 2.11-r4 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
hostapd 3.22-main 2.10-r0 None possibly vulnerable
hostapd 3.22-main 2.9-r3 None possibly vulnerable
hostapd 3.22-main 2.9-r2 None possibly vulnerable
hostapd 3.22-main 2.9-r1 None possibly vulnerable
hostapd 3.22-main 2.8-r0 None possibly vulnerable
hostapd 3.22-main 2.6-r2 None possibly vulnerable
hostapd 3.21-main 2.11-r1 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
hostapd 3.21-main 2.10-r0 None possibly vulnerable
hostapd 3.21-main 2.9-r3 None possibly vulnerable
hostapd 3.21-main 2.9-r2 None possibly vulnerable
hostapd 3.21-main 2.9-r1 None possibly vulnerable
hostapd 3.21-main 2.8-r0 None possibly vulnerable
hostapd 3.21-main 2.6-r2 None possibly vulnerable
hostapd 3.20-main 2.10-r6 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
hostapd 3.20-main 2.10-r0 None possibly vulnerable
hostapd 3.20-main 2.9-r3 None possibly vulnerable
hostapd 3.20-main 2.9-r2 None possibly vulnerable
hostapd 3.20-main 2.9-r1 None possibly vulnerable
hostapd 3.20-main 2.8-r0 None possibly vulnerable
hostapd 3.20-main 2.6-r2 None possibly vulnerable
hostapd 3.19-main 2.10-r6 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
hostapd 3.19-main 2.10-r0 None possibly vulnerable
hostapd 3.19-main 2.9-r3 None possibly vulnerable
hostapd 3.19-main 2.9-r2 None possibly vulnerable
hostapd 3.19-main 2.9-r1 None possibly vulnerable
hostapd 3.19-main 2.8-r0 None possibly vulnerable
hostapd 3.19-main 2.6-r2 None possibly vulnerable