UBUNTU-CVE-2020-36158

Description

mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote attackers to execute arbitrary code via a long SSID value, aka CID-5c455c5ab332.

CVSS Metrics

• v3.1•MEDIUM•Score: 6.7CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected Systems

• ubuntu•linux

  all | < 4.4.0-204.236 | < 4.15.0-137.141 | < 5.4.0-67.75

• ubuntu•linux-aws

  < 4.4.0-1087.91 | < 4.4.0-1123.137 | < 4.15.0-1095.102 | < 5.4.0-1039.41

• ubuntu•linux-aws-5.0

  all

• ubuntu•linux-aws-5.3

  all

• ubuntu•linux-aws-5.4

  < 5.4.0-1039.41~18.04.1

• ubuntu•linux-aws-fips

  < 4.15.0-2038.40 | all | < 5.4.0-1069.73+fips2

• ubuntu•linux-aws-hwe

  < 4.15.0-1095.102~16.04.1

• ubuntu•linux-azure

  < 4.15.0-1109.121~14.04.1 | < 4.15.0-1109.121~16.04.1 | all | < 5.4.0-1041.43

• ubuntu•linux-azure-4.15

  < 4.15.0-1109.121

• ubuntu•linux-azure-5.3

  all

• ubuntu•linux-azure-5.4

  < 5.4.0-1041.43~18.04.1

• ubuntu•linux-azure-edge

  all

• ubuntu•linux-azure-fips

  < 4.15.0-2021.24 | all | < 5.4.0-1073.76+fips1

• ubuntu•linux-bluefield

  all

• ubuntu•linux-dell300x

  < 4.15.0-1013.17

• ubuntu•linux-fips

  < 4.4.0-1057.63 | all | < 4.15.0-1054.62

• ubuntu•linux-gcp

  < 4.15.0-1094.107~16.04.1 | all | < 5.4.0-1038.41

• ubuntu•linux-gcp-4.15

  < 4.15.0-1094.107

• ubuntu•linux-gcp-5.3

  all

• ubuntu•linux-gcp-5.4

  < 5.4.0-1038.41~18.04.1

• ubuntu•linux-gcp-edge

  all

• ubuntu•linux-gcp-fips

  all | < 5.4.0-1067.71~20.04.1

• ubuntu•linux-gke

  < 5.4.0-1037.39

• ubuntu•linux-gke-4.15

  all

• ubuntu•linux-gke-5.4

  < 5.4.0-1037.39~18.04.1

• ubuntu•linux-gkeop

  < 5.4.0-1011.12

• ubuntu•linux-gkeop-5.4

  < 5.4.0-1011.12~18.04.2

• ubuntu•linux-hwe

  < 4.15.0-137.141~16.04.1 | all

• ubuntu•linux-hwe-5.4

  < 5.4.0-67.75~18.04.1

• ubuntu•linux-hwe-5.8

  < 5.8.0-45.51~20.04.1

• ubuntu•linux-hwe-edge

  all | all

• ubuntu•linux-intel-iot-realtime

  all

• ubuntu•linux-kvm

  < 4.4.0-1089.98 | < 4.15.0-1086.88 | < 5.4.0-1034.35

• ubuntu•linux-lts-xenial

  < 4.4.0-204.236~14.04.1

• ubuntu•linux-nvidia

  all

• ubuntu•linux-oem

  all

• ubuntu•linux-oem-5.10

  < 5.10.0-1011.12

• ubuntu•linux-oem-5.6

  < 5.6.0-1053.57

• ubuntu•linux-oracle

  < 4.15.0-1066.74~16.04.1 | < 4.15.0-1066.74 | < 5.4.0-1039.42

• ubuntu•linux-oracle-5.0

  all

• ubuntu•linux-oracle-5.3

  all

• ubuntu•linux-oracle-5.4

  < 5.4.0-1039.42~18.04.1

• ubuntu•linux-raspi

  < 5.4.0-1030.33

• ubuntu•linux-raspi-5.4

  < 5.4.0-1030.33~18.04.1

• ubuntu•linux-raspi-realtime

  all

• ubuntu•linux-raspi2

  < 4.4.0-1147.157 | < 4.15.0-1080.85 | all

• ubuntu•linux-realtime

  all

• ubuntu•linux-riscv

  all

• ubuntu•linux-riscv-5.8

  < 5.8.0-18.20~20.04.1

• ubuntu•linux-snapdragon

  < 4.4.0-1151.161 | < 4.15.0-1097.106

References (12)

• https://ubuntu.com/security/CVE-2020-36158
• https://git.kernel.org/linus/5c455c5ab332773464d02ba17015acdca198f03d
• https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5c455c5ab332773464d02ba17015acdca198f03d
• https://github.com/torvalds/linux/commit/5c455c5ab332773464d02ba17015acdca198f03d
• https://lore.kernel.org/r/20201206084801.26479-1-ruc_zhangxiaohui@163.com
• https://patchwork.kernel.org/project/linux-wireless/patch/20201206084801.26479-1-ruc_zhangxiaohui@163.com/
• https://ubuntu.com/security/notices/USN-4876-1
• https://ubuntu.com/security/notices/USN-4877-1
• https://ubuntu.com/security/notices/USN-4878-1
• https://ubuntu.com/security/notices/USN-4879-1
• https://ubuntu.com/security/notices/USN-4912-1
• https://www.cve.org/CVERecord?id=CVE-2020-36158