hostapd before 2.6 does not prevent use of the low-quality PRNG that is reached by an os_random() function call resulting in insufficient entropy. External Reference: https://moabi.com/advisories/CVE-2019-10064.html
Analysis: This issue is only triggered with WPS pin needs to be generated and there is no /dev/urandom device. Such a scenario should not be possible in a typical server configuration, and may be a case in case of IoT or embedded devices. Therefore marking Red Hat Products as not affected.