Siemens SCALANCE and RUGGEDCOM Improper Input Validation (CVE-2025-39839)

In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix OOB read/write in network-coding decode batadvncskbdecodepacket trusts codedlen and checks only against skb-len. XOR starts at sizeofstruct batadvunicastpacket, reducing payload headroom, and the source skb length...

The vulnerability of the batadv_dat_start_timer() function in the distributed-arp-table.c module of the B.A.T.M.A.N. network interface card of the Linux operating system allows a hacker to induce a service failure.

The vulnerability of the batadvdatstarttimer function in the distributed-arp-table.c module of the B.A.T.M.A.N. network interface card of the Linux operating system is related to the use of memory after it is freed. Exploiting this vulnerability could allow a attacker to cause a service failure...

PT-2023-36408 · Gnu +1 · Linux +1

Уязвимость сетевого интерфейса B.A.T.M.A.N. Better Approach To Mobile Adhoc Networking ядра операционной системы Linux связана с некорректной синхронизации процесса удаления сетевого устройства и выполнения отложенных задач в функции batadv dat start timer в модуле distributed-arp-table.c...