{"id":"CVE-2025-24912","details":"hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi devices with RADIUS authentication, an attacker in the position between the hostapd and the RADIUS server may inject crafted RADIUS packets and force RADIUS authentications to fail.","modified":"2026-07-08T07:34:14.737318291Z","published":"2025-03-12T04:43:54.870Z","related":["SUSE-SU-2025:0977-1","openSUSE-SU-2025:14890-1","openSUSE-SU-2025:14899-1","openSUSE-SU-2026:20985-1"],"database_specific":{"cwe_ids":["CWE-826"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/24xxx/CVE-2025-24912.json","cna_assigner":"jpcert"},"references":[{"type":"WEB","url":"https://jvn.jp/en/jp/JVN19358384/"},{"type":"WEB","url":"https://w1.fi/cgit/hostap/commit/?id=339a334551ca911187cc870f4f97ef08e11db109"},{"type":"WEB","url":"https://w1.fi/cgit/hostap/commit/?id=726432d7622cc0088ac353d073b59628b590ea44"},{"type":"WEB","url":"https://w1.fi/hostapd/"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/24xxx/CVE-2025-24912.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24912"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.w1.fi/cgit/hostap","events":[{"introduced":"0"},{"fixed":"339a334551ca911187cc870f4f97ef08e11db109"},{"fixed":"726432d7622cc0088ac353d073b59628b590ea44"}],"database_specific":{"extracted_events":[{"introduced":"0"},{"last_affected":"2.11"}],"cpe":"cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*","source":["CPE_RANGE","REFERENCES"]}}],"versions":["2.11 and earlier","hostap_2_11","hostap_2_10","hostap_2_9","hostap_2_8","hostap_2_7","hostap_2_6","hostap_2_5","hostap_2_4","hostap_2_3","hostap_2_2","hostap_2_1","aosp-kk-from-upstream","hostap_2_0","aosp-jb-start","hostap-1-bp","hostap_0_7_2","hostap_0_7_1","hostap_0_7_0","hostap_0_6_7","hostap_0_6_6","hostap_0_6_5","hostap_0_6_4","hostap_0_6_3"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-24912.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}]}