CVE-2025-39849
wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result()
In the Linux kernel, the following vulnerability has been resolved:
wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result()
If the ssid->datalen is more than IEEE80211_MAX_SSID_LEN (32) it would
lead to memory corruption so add some bounds checking.
Affected products
Linux · LinuxWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://cert-portal.siemens.com/productcert/html/ssa-032379.htmlhttps://git.kernel.org/stable/c/31229145e6ba5ace3e9391113376fa05b7831edehttps://git.kernel.org/stable/c/5cb7cab7adf9b1e6a99e2081b0e30e9e59d07523https://git.kernel.org/stable/c/62b635dcd69c4fde7ce1de4992d71420a37e51e3https://git.kernel.org/stable/c/8e751d46336205abc259ed3990e850a9843fb649https://git.kernel.org/stable/c/e472f59d02c82b511bc43a3f96d62ed08bf4537fhttps://lists.debian.org/debian-lts-announce/2025/10/msg00008.html