CVE-2025-39849
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
19/09/2025
Last modified:
22/09/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result()<br />
<br />
If the ssid->datalen is more than IEEE80211_MAX_SSID_LEN (32) it would<br />
lead to memory corruption so add some bounds checking.
Impact
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/31229145e6ba5ace3e9391113376fa05b7831ede
- https://git.kernel.org/stable/c/5cb7cab7adf9b1e6a99e2081b0e30e9e59d07523
- https://git.kernel.org/stable/c/62b635dcd69c4fde7ce1de4992d71420a37e51e3
- https://git.kernel.org/stable/c/8e751d46336205abc259ed3990e850a9843fb649
- https://git.kernel.org/stable/c/e472f59d02c82b511bc43a3f96d62ed08bf4537f