Lucene search
K

55 matches found

Microsoft CVE
Microsoft CVE
added 2026/05/29 8:6 a.m.8 views

batman-adv: stop caching unowned originator pointers in BAT IV

...

8.8CVSS5.4AI score0.00262EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.15 views

SUSE CVE-2026-46238

In the Linux kernel, the following vulnerability has been resolved: batman-adv: stop caching unowned originator pointers in BAT IV BAT IV keeps the last-hop neighbor address in each neighnode, but some paths also cache an originator pointer derived from a temporary lookup. That pointer is not own...

5.5CVSS5.7AI score0.00262EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-46238

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - batman-adv: stop caching unowned originator pointers in BAT IV BAT IV keeps the last-hop neighbor address in each neighnode, but some paths also cache an...

8.8CVSS6AI score0.00262EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/28 12:21 p.m.14 views

CVE-2026-46238

A flaw was found in the batman-adv module of the Linux kernel. The BAT IV protocol was caching unowned originator pointers, which could become invalid after purge handling. This could lead to the use of stale data, potentially causing unexpected system behavior or information corruption within th...

8.8CVSS5.8AI score0.00262EPSS
Exploits0References4
NVD
NVD
added 2026/05/28 10:16 a.m.15 views

CVE-2026-46238

In the Linux kernel, the following vulnerability has been resolved: batman-adv: stop caching unowned originator pointers in BAT IV BAT IV keeps the last-hop neighbor address in each neighnode, but some paths also cache an originator pointer derived from a temporary lookup. That pointer is not own...

8.8CVSS0.00262EPSS
Exploits0References8
OSV
OSV
added 2026/05/28 10:16 a.m.8 views

UBUNTU-CVE-2026-46238

In the Linux kernel, the following vulnerability has been resolved: batman-adv: stop caching unowned originator pointers in BAT IV BAT IV keeps the last-hop neighbor address in each neighnode, but some paths also cache an originator pointer derived from a temporary lookup. That pointer is not own...

8.8CVSS5.7AI score0.00262EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/05/28 9:41 a.m.8 views

CVE-2026-46238

In the Linux kernel, the following vulnerability has been resolved: batman-adv: stop caching unowned originator pointers in BAT IV BAT IV keeps the last-hop neighbor address in each neighnode, but some paths also cache an originator pointer derived from a temporary lookup. That pointer is not own...

8.8CVSS5.7AI score0.00262EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/28 9:41 a.m.36 views

CVE-2026-46238 batman-adv: stop caching unowned originator pointers in BAT IV

In the Linux kernel, the following vulnerability has been resolved: batman-adv: stop caching unowned originator pointers in BAT IV BAT IV keeps the last-hop neighbor address in each neighnode, but some paths also cache an originator pointer derived from a temporary lookup. That pointer is not own...

8.8CVSS0.00262EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/28 9:41 a.m.17 views

EUVD-2026-32756

In the Linux kernel, the following vulnerability has been resolved: batman-adv: stop caching unowned originator pointers in BAT IV BAT IV keeps the last-hop neighbor address in each neighnode, but some paths also cache an originator pointer derived from a temporary lookup. That pointer is not own...

5.7AI score0.00262EPSS
Exploits0References5
CVE
CVE
added 2026/05/28 9:41 a.m.42 views

CVE-2026-46238

CVE-2026-46238 affects the Linux kernel’s BAT IV implementation via the batman-adv subsystem. The issue stems from caching an auxiliary originator pointer derived from a temporary lookup in neigh_node state, where the pointer can be freed or become stale after purge handling. The documented fix i...

8.8CVSS5.7AI score0.00262EPSS
Exploits0References8Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/28 9:41 a.m.7 views

CVE-2026-46238

In the Linux kernel, the following vulnerability has been resolved: batman-adv: stop caching unowned originator pointers in BAT IV BAT IV keeps the last-hop neighbor address in each neighnode, but some paths also cache an originator pointer derived from a temporary lookup. That pointer is not own...

8.8CVSS5.7AI score0.00262EPSS
Exploits0References9Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.14 views

PT-2026-44361

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the batman-adv module, BAT IV caches an originator pointer in each neigh node derived from a temporary lookup. This pointer is not owned by the neigh node and may refer to an invalid...

9.8CVSS5.9AI score0.005EPSS
Exploits1References294
Positive Technologies
Positive Technologies
added 2026/04/25 12:0 a.m.8 views

PT-2026-35143

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the batman-adv module where OGM aggregation can lead to a buffer overflow. When the OGM aggregation state is toggled during runtime, a forwarded packet might be...

7.8CVSS5.9AI score0.00126EPSS
Exploits0References151
NVD
NVD
added 2026/04/09 10:16 p.m.7 views

CVE-2026-33783

A Function Call With Incorrect Argument Type vulnerability in the sensor interface of Juniper Networks Junos OS Evolved on PTX Series allows a network-based, authenticated attacker with low privileges to cause a complete Denial of Service DoS. If colored SRTE policy tunnels are provisioned via...

7.1CVSS0.0024EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/09 9:36 p.m.22 views

CVE-2026-33783 Junos OS Evolved: PTX Series: If SRTE tunnels provisioned via PCEP are present and specific gRPC queries are received evo-aftmand crashes

A Function Call With Incorrect Argument Type vulnerability in the sensor interface of Juniper Networks Junos OS Evolved on PTX Series allows a network-based, authenticated attacker with low privileges to cause a complete Denial of Service DoS. If colored SRTE policy tunnels are provisioned via...

7.1CVSS0.0024EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/09 9:36 p.m.3 views

CVE-2026-33783 Junos OS Evolved: PTX Series: If SRTE tunnels provisioned via PCEP are present and specific gRPC queries are received evo-aftmand crashes

A Function Call With Incorrect Argument Type vulnerability in the sensor interface of Juniper Networks Junos OS Evolved on PTX Series allows a network-based, authenticated attacker with low privileges to cause a complete Denial of Service DoS. If colored SRTE policy tunnels are provisioned via...

7.1CVSS5.8AI score0.0024EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/09 12:0 a.m.15 views

PT-2026-31802

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS Evolved on PTX Series versions prior to 22.4R3-S9-EVO Juniper Networks Junos OS Evolved on PTX Series versions prior to 23.2R2-S6-EVO Juniper Networks Junos OS Evolved on PTX Series versions prior to 23.4R2-S7-EVO...

7.1CVSS5.8AI score0.0024EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.3 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990355)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990355 advisory. In the Linux kernel, the following vulnerability has been resolved: batman-adv: bypass empty buckets in batadvpurgeorigref Many syzbot reports are pointing to soft...

5.5CVSS6.1AI score0.00229EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.5 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986529)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986529 advisory. In the Linux kernel, the following vulnerability has been resolved: batman-adv: bypass empty buckets in batadvpurgeorigref Many syzbot reports are pointing to soft...

5.5CVSS6.1AI score0.00229EPSS
Exploits0References3
OSV
OSV
added 2024/07/12 1:15 p.m.1 views

UBUNTU-CVE-2024-40981

In the Linux kernel, the following vulnerability has been resolved: batman-adv: bypass empty buckets in batadvpurgeorigref Many syzbot reports are pointing to soft lockups in batadvpurgeorigref 1 Root cause is unknown, but we can avoid spending too much time there and perhaps get more interesting...

5.5CVSS6.2AI score0.00229EPSS
Exploits0References36
Rows per page
Query Builder