In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.Referenceshttp://lists.opensuse.org/opensuse-security-announce/2019-10/msg00064.htmlhttp://lists.opensuse.org/opensuse-security-announce/2019-11/msg00010.htmlhttps://seclists.org/bugtraq/2019/Nov/11https://usn.ubuntu.com/4211-2/https://usn.ubuntu.com/4208-1/https://usn.ubuntu.com/4210-1/https://usn.ubuntu.com/4211-1/https://usn.ubuntu.com/4226-1/https://lists.debian.org/debian-lts-announce/2020/01/msg00013.htmlhttps://access.redhat.com/errata/RHSA-2020:0174https://access.redhat.com/errata/RHSA-2020:0374https://access.redhat.com/errata/RHSA-2020:0375https://access.redhat.com/errata/RHSA-2020:0543https://access.redhat.com/errata/RHSA-2020:0592https://access.redhat.com/errata/RHSA-2020:0609https://lists.debian.org/debian-lts-announce/2020/03/msg00001.htmlhttps://access.redhat.com/errata/RHSA-2020:0653https://access.redhat.com/errata/RHSA-2020:0661https://access.redhat.com/errata/RHSA-2020:0664https://access.redhat.com/errata/RHSA-2020:0790https://www.oracle.com/security-alerts/cpuApr2021.htmlhttp://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.htmlhttps://security.netapp.com/advisory/ntap-20191031-0005/https://marc.info/?l=linux-wireless&m=157018270915487&w=2
