[Midnightbsd-cvs] [MidnightBSD/src] ef0f68: Fix hostapd EHT link ID bounds check

Lucas Holt noreply at github.com
Thu Jul 2 09:16:20 EDT 2026


  Branch: refs/heads/stable/4.1
  Home:   https://github.com/MidnightBSD/src
  Commit: ef0f68bda65df8cfbc48d3e5d4658b8ff05ecdbe
      https://github.com/MidnightBSD/src/commit/ef0f68bda65df8cfbc48d3e5d4658b8ff05ecdbe
  Author: Lucas Holt <luke at foolishgames.com>
  Date:   2026-07-02 (Thu, 02 Jul 2026)

  Changed paths:
    M contrib/wpa/src/ap/ieee802_11_eht.c

  Log Message:
  -----------
  Fix hostapd EHT link ID bounds check

Reject invalid Per-STA Profile link IDs before indexing the MLD links array. This prevents the optional IEEE 802.11be association parser from accepting link ID 15 when only IDs 0 through 14 are valid.

Fixes CVE-2026-58374.

AI-Assisted-by: OpenAI Codex



To unsubscribe from these emails, change your notification settings at https://github.com/MidnightBSD/src/settings/notifications


More information about the Midnightbsd-cvs mailing list