Published: 2025/03/12 Last Updated: 2025/03/12
JVN#19358384
hostapd vulnerable to improper processing of RADIUS packets
Overview
hostapd provided by Jouni Malinen fails to process RADIUS packets properly. A man-in-the-middle attack may force RADIUS authentications to fail.
Products Affected
- hostapd version 2.11 and earlier
Description
hostapd provided by Jouni Malinen fails to process crafted RADIUS packets properly (CWE-826).
Impact
When hostapd authenticates Wi-Fi devices with RADIUS authentication, an attacker positioned between hostapd and the RADIUS server may inject crafted RADIUS packets and force RADIUS authentications to fail.
Solution
Apply the patches
Apply all the patches provided by the developer in the [Vendor Status] section.
Vendor Status
Vendor | Link |
---|---|
Jouni Malinen | hostapd |
 | Commit: 726432d7622cc0088ac353d073b59628b590ea44 |
 | Commit: 339a334551ca911187cc870f4f97ef08e11db109 |
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
CVSS v3
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
Base Score: 3.7
Metric | Options | Selected (from the vector above) |
---|---|---|
Attack Vector (AV) | Physical (P), Local (L), Adjacent (A), Network (N) | Network (N) |
Attack Complexity (AC) | High (H), Low (L) | High (H) |
Privileges Required (PR) | High (H), Low (L), None (N) | None (N) |
User Interaction (UI) | Required (R), None (N) | None (N) |
Scope (S) | Unchanged (U), Changed (C) | Unchanged (U) |
Confidentiality Impact (C) | None (N), Low (L), High (H) | None (N) |
Integrity Impact (I) | None (N), Low (L), High (H) | None (N) |
Availability Impact (A) | None (N), Low (L), High (H) | Low (L) |
Credit
KUSABA Takeshi of Internet Initiative Japan Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
Other Information
CVE | CVE-2025-24912 |
JVN iPedia | JVNDB-2025-000017 |