CVE-2025-39849
published 2025-09-19CVE-2025-39849: In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result() If the ssid->datalen is…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
In the Linux kernel, the following vulnerability has been resolved:
wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result()
If the ssid->datalen is more than IEEE80211_MAX_SSID_LEN (32) it would
lead to memory corruption so add some bounds checking.
Affected
24 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | linux | < linux 6.1.153-1 (bookworm) | linux 6.1.153-1 (bookworm) |
| debian | linux-6.1 | < linux 6.1.153-1 (bookworm) | linux 6.1.153-1 (bookworm) |
| linux | linux | — | — |
| linux | linux | — | — |
| linux | linux | >= 6.1.16 < 6.1.151 | 6.1.151 |
| linux | linux | >= 6.2.3 < 6.3 | 6.3 |
| linux | linux | >= c38c701851011c94ce3be1ccb3593678d2933fd8 < e472f59d02c82b511bc43a3f96d62ed08bf4537f | e472f59d02c82b511bc43a3f96d62ed08bf4537f |
| linux | linux | >= c38c701851011c94ce3be1ccb3593678d2933fd8 < 31229145e6ba5ace3e9391113376fa05b7831ede | 31229145e6ba5ace3e9391113376fa05b7831ede |
| linux | linux | >= c38c701851011c94ce3be1ccb3593678d2933fd8 < 5cb7cab7adf9b1e6a99e2081b0e30e9e59d07523 | 5cb7cab7adf9b1e6a99e2081b0e30e9e59d07523 |
| linux | linux | >= c38c701851011c94ce3be1ccb3593678d2933fd8 < 62b635dcd69c4fde7ce1de4992d71420a37e51e3 | 62b635dcd69c4fde7ce1de4992d71420a37e51e3 |
| linux | linux | >= dd43f8f90206054e7da7593de0a334fb2cd0ea88 < 8e751d46336205abc259ed3990e850a9843fb649 | 8e751d46336205abc259ed3990e850a9843fb649 |
| linux | linux_kernel | — | — |
| linux | linux_kernel | >= 0 < 6.1.153-1 | 6.1.153-1 |
| linux | linux_kernel | >= 0 < 6.12.48-1 | 6.12.48-1 |
| linux | linux_kernel | >= 0 < 6.16.6-1 | 6.16.6-1 |
| linux | linux_kernel | >= 0 < 6.8.0-106.106 | 6.8.0-106.106 |
| linux | linux_kernel | >= 6.1.16 < 6.1.151 | 6.1.151 |
| linux | linux_kernel | >= 6.13 < 6.16.6 | 6.16.6 |
| linux | linux_kernel | >= 6.2.3 < 6.6.105 | 6.6.105 |
| linux | linux_kernel | >= 6.7 < 6.12.46 | 6.12.46 |
| msrc | azl3_kernel_6.6.104.2-4_on_azure_linux_3.0 | — | — |
| msrc | azl3_kernel_6.6.96.2-2_on_azure_linux_3.0 | — | — |
| ubuntu | linux-xilinx | — | — |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv7.8HIGH