Remote Code Execution via Long SSID in Linux Kernel (CVE-2020-36158)

CVE-2020-36158 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote attackers to execute arbitrary code via a long SSID value, aka CID-5c455c5ab332.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.