[Midnightbsd-cvs] [MidnightBSD/src] ef0f68: Fix hostapd EHT link ID bounds check
Lucas Holt
noreply at github.com
Thu Jul 2 09:16:20 EDT 2026
Branch: refs/heads/stable/4.1
Home: https://github.com/MidnightBSD/src
Commit: ef0f68bda65df8cfbc48d3e5d4658b8ff05ecdbe
https://github.com/MidnightBSD/src/commit/ef0f68bda65df8cfbc48d3e5d4658b8ff05ecdbe
Author: Lucas Holt <luke at foolishgames.com>
Date: 2026-07-02 (Thu, 02 Jul 2026)
Changed paths:
M contrib/wpa/src/ap/ieee802_11_eht.c
Log Message:
-----------
Fix hostapd EHT link ID bounds check
Reject invalid Per-STA Profile link IDs before indexing the MLD links array. This prevents the optional IEEE 802.11be association parser from accepting link ID 15 when only IDs 0 through 14 are valid.
Fixes CVE-2026-58374.
AI-Assisted-by: OpenAI Codex
To unsubscribe from these emails, change your notification settings at https://github.com/MidnightBSD/src/settings/notifications
More information about the Midnightbsd-cvs
mailing list