Lucene search
K

585 matches found

Microsoft CVE
Microsoft CVE
added 2026/06/27 8:11 a.m.9 views

batman-adv: fix tp_meter counter underflow during shutdown

...

9.8CVSS5.8AI score0.00117EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:6 a.m.6 views

batman-adv: tp_meter: avoid use of uninit sender vars

...

9.8CVSS5.8AI score0.00404EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/24 8:44 p.m.11 views

CVE-2026-52931

A flaw was found in the batman-adv tpmeter module of the Linux kernel. A remote attacker could exploit this vulnerability by sending a specially crafted acknowledgment ACK packet to a node configured as a receiver in an ongoing tpmeter session. This could lead to the use of uninitialized sender...

9.8CVSS5.9AI score0.00404EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/24 3:37 p.m.6 views

CVE-2026-52919

A flaw was found in the batman-adv module of the Linux kernel. During the shutdown process of the tpmeter sender, an atomic counter can underflow due to multiple decrements. This can cause the sender kernel thread to loop indefinitely, leading to a use-after-free vulnerability if the associated...

7.8CVSS5.8AI score0.00117EPSS
Exploits0References4
NVD
NVD
added 2026/06/24 8:16 a.m.7 views

CVE-2026-52919

In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix tpmeter counter underflow during shutdown batadvtpsendershutdown unconditionally decrements the "sending" atomic counter. If multiple paths e.g. timeout, user cancel, and normal finish call this function, the...

7.8CVSS0.00117EPSS
Exploits0References8
OSV
OSV
added 2026/06/24 8:16 a.m.2 views

UBUNTU-CVE-2026-52919

In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix tpmeter counter underflow during shutdown batadvtpsendershutdown unconditionally decrements the "sending" atomic counter. If multiple paths e.g. timeout, user cancel, and normal finish call this function, the...

7.8CVSS5.6AI score0.00117EPSS
Exploits0References11
ATTACKERKB
ATTACKERKB
added 2026/06/24 7:14 a.m.7 views

CVE-2026-52931

In the Linux kernel, the following vulnerability has been resolved: batman-adv: tpmeter: avoid use of uninit sender vars batadvtprecvack and batadvtpstop are only valid for tpvars in the BATADVTPSENDER role. When called with a BATADVTPRECEIVER role, it proceeds to read sender-only members that we...

9.8CVSS5.7AI score0.00404EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2026/06/24 7:14 a.m.29 views

CVE-2026-52931 batman-adv: tp_meter: avoid use of uninit sender vars

In the Linux kernel, the following vulnerability has been resolved: batman-adv: tpmeter: avoid use of uninit sender vars batadvtprecvack and batadvtpstop are only valid for tpvars in the BATADVTPSENDER role. When called with a BATADVTPRECEIVER role, it proceeds to read sender-only members that we...

9.8CVSS0.00404EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/06/24 7:14 a.m.5 views

CVE-2026-52931

In the Linux kernel, the following vulnerability has been resolved: batman-adv: tpmeter: avoid use of uninit sender vars batadvtprecvack and batadvtpstop are only valid for tpvars in the BATADVTPSENDER role. When called with a BATADVTPRECEIVER role, it proceeds to read sender-only members that we...

9.8CVSS5.7AI score0.00404EPSS
Exploits0
EUVD
EUVD
added 2026/06/24 7:14 a.m.10 views

EUVD-2026-38722

In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix tpmeter counter underflow during shutdown batadvtpsendershutdown unconditionally decrements the "sending" atomic counter. If multiple paths e.g. timeout, user cancel, and normal finish call this function, the...

5.7AI score0.00117EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/24 7:14 a.m.28 views

CVE-2026-52919 batman-adv: fix tp_meter counter underflow during shutdown

In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix tpmeter counter underflow during shutdown batadvtpsendershutdown unconditionally decrements the "sending" atomic counter. If multiple paths e.g. timeout, user cancel, and normal finish call this function, the...

7.8CVSS0.00117EPSS
Exploits0References8
CVE
CVE
added 2026/06/24 7:14 a.m.21 views

CVE-2026-52919

CVE-2026-52919 affects the batman-adv component in the Linux kernel. The root cause is an underflow of the atomic counter “sending” in batadv_tp_sender_shutdown(), which is decremented unconditionally and can become -1 when multiple code paths call it. A negative value causes the sender kthread t...

7.8CVSS5.7AI score0.00117EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/06/24 7:14 a.m.6 views

CVE-2026-52919

In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix tpmeter counter underflow during shutdown batadvtpsendershutdown unconditionally decrements the "sending" atomic counter. If multiple paths e.g. timeout, user cancel, and normal finish call this function, the...

7.8CVSS5.6AI score0.00117EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.11 views

PT-2026-51724

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the batman-adv module where the functions batadv tp recv ack and batadv tp stop incorrectly process tp vars when the role is set to BATADV TP RECEIVER. In this state,...

9.8CVSS5.7AI score0.00404EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.10 views

PT-2026-51712

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the batman-adv module where the batadv tp sender shutdown function unconditionally decrements the sending atomic counter. If this function is called multiple times...

7.8CVSS5.8AI score0.00117EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-52931

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - batman-adv: tpmeter: avoid use of uninit sender vars batadvtprecvack and batadvtpstop are only valid for tpvars in the BATADVTPSENDER role. When called with a...

9.8CVSS6AI score0.00404EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/04 6:39 p.m.12 views

OpenMeter: SQL injection through meter creation

Summary An authenticated tenant can inject arbitrary SQL through the valueProperty or groupBy fields of POST /api/v1/meters. The injection passes the application's JSONPath validation check and executes against the shared ClickHouse database, which contains event data for all tenants with no...

6.1AI score0.00036EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/06/04 6:39 p.m.7 views

GHSA-WC3V-3457-C8CM OpenMeter: SQL injection through meter creation

Summary An authenticated tenant can inject arbitrary SQL through the valueProperty or groupBy fields of POST /api/v1/meters. The injection passes the application's JSONPath validation check and executes against the shared ClickHouse database, which contains event data for all tenants with no...

5.3CVSS6.1AI score0.00036EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.28 views

PT-2026-46869

Summary An authenticated tenant can inject arbitrary SQL through the valueProperty or groupBy fields of POST /api/v1/meters. The injection passes the application's JSONPath validation check and executes against the shared ClickHouse database, which contains event data for all tenants with no...

5.3CVSS6.1AI score
Exploits0References6
Microsoft CVE
Microsoft CVE
added 2026/05/29 8:5 a.m.7 views

batman-adv: stop tp_meter sessions during mesh teardown

...

7.8CVSS5.4AI score0.00138EPSS
Exploits0
Rows per page
Query Builder