[Midnightbsd-cvs] [MidnightBSD/src] c1b089: Fix hostapd EHT link ID bounds check

Lucas Holt noreply at github.com
Thu Jul 2 09:16:20 EDT 2026


  Branch: refs/heads/stable/4.0
  Home:   https://github.com/MidnightBSD/src
  Commit: c1b0894bdce9070eef4be2f08361a604a8e9b276
      https://github.com/MidnightBSD/src/commit/c1b0894bdce9070eef4be2f08361a604a8e9b276
  Author: Lucas Holt <luke at foolishgames.com>
  Date:   2026-07-02 (Thu, 02 Jul 2026)

  Changed paths:
    M contrib/wpa/src/ap/ieee802_11_eht.c

  Log Message:
  -----------
  Fix hostapd EHT link ID bounds check

Reject invalid Per-STA Profile link IDs before indexing the MLD links array. This prevents the optional IEEE 802.11be association parser from accepting link ID 15 when only IDs 0 through 14 are valid.

Fixes CVE-2026-58374.

AI-Assisted-by: OpenAI Codex



To unsubscribe from these emails, change your notification settings at https://github.com/MidnightBSD/src/settings/notifications


More information about the Midnightbsd-cvs mailing list