CVE-2025-39849

Published: Sep 19, 2025

Modified: May 23, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result() If the ssid->datalen is more than IEEE80211_MAX_SSID_LEN (32) it would lead to memory corruption so add some bounds checking.

Vendor	Product	Versions
Linux	Linux	affected `dd43f8f90206054e7da7593de0a334fb2cd0ea88 - < 8e751d46336205abc259ed3990e850a9843fb649` affected `c38c701851011c94ce3be1ccb3593678d2933fd8 - < e472f59d02c82b511bc43a3f96d62ed08bf4537f` affected `c38c701851011c94ce3be1ccb3593678d2933fd8 - < 31229145e6ba5ace3e9391113376fa05b7831ede` affected `c38c701851011c94ce3be1ccb3593678d2933fd8 - < 5cb7cab7adf9b1e6a99e2081b0e30e9e59d07523` affected `c38c701851011c94ce3be1ccb3593678d2933fd8 - < 62b635dcd69c4fde7ce1de4992d71420a37e51e3` +3 more versions
Linux	Linux	affected `6.3` unaffected `0 - < 6.3` unaffected `6.1.151 - <= 6.1.` unaffected `6.6.105 - <= 6.6.` unaffected `6.12.46 - <= 6.12.*` +2 more versions

References

https://git.kernel.org/stable/c/8e751d46336205abc259ed3990e850a9843fb649

https://git.kernel.org/stable/c/e472f59d02c82b511bc43a3f96d62ed08bf4537f

https://git.kernel.org/stable/c/31229145e6ba5ace3e9391113376fa05b7831ede

https://git.kernel.org/stable/c/5cb7cab7adf9b1e6a99e2081b0e30e9e59d07523

https://git.kernel.org/stable/c/62b635dcd69c4fde7ce1de4992d71420a37e51e3

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-39849

Description

Affected Products

References