An issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_status() in drivers/net/wireless/marvell/mwifiex/wmm.c allows a remote AP to trigger a heap-based buffer overflow because of an incorrect memcpy.
Reference and upstream commit:
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 1832531]
This was fixed for Fedora with the 5.4.20 stable kernel updates.
In order to mitigate this issue it is possible to prevent the affected code from being loaded by blacklisting the kernel module mwifiex. For instructions relating to how to blacklist a kernel module refer to: https://access.redhat.com/solutions/41278