Linux kernel is vulnerable to arbitrary code execution. Due to a flaw in mwifiex_cmd_802_11_ad_hoc_start
in drivers/net/wireless/marvell/mwifiex/join.c
in the Linux kernel, it allows remote attackers to execute arbitrary code via a long SSID value, aka CID-5c455c5ab332.
git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5c455c5ab332773464d02ba17015acdca198f03d
git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2020-36158
github.com/torvalds/linux/commit/5c455c5ab332773464d02ba17015acdca198f03d
lists.debian.org/debian-lts-announce/2021/02/msg00018.html
lists.debian.org/debian-lts-announce/2021/03/msg00010.html
lists.fedoraproject.org/archives/list/[email protected]/message/HCHBIRS27VMOGMBHPWP2R7SZRFXT6O6U/
lore.kernel.org/r/[email protected]
patchwork.kernel.org/project/linux-wireless/patch/[email protected]/
security.netapp.com/advisory/ntap-20210212-0002/
www.debian.org/security/2021/dsa-4843