7 matches found
CVE-2026-46238
A flaw was found in the batman-adv module of the Linux kernel. The BAT IV protocol was caching unowned originator pointers, which could become invalid after purge handling. This could lead to the use of stale data, potentially causing unexpected system behavior or information corruption within th...
UBUNTU-CVE-2026-46238
In the Linux kernel, the following vulnerability has been resolved: batman-adv: stop caching unowned originator pointers in BAT IV BAT IV keeps the last-hop neighbor address in each neighnode, but some paths also cache an originator pointer derived from a temporary lookup. That pointer is not own...
CVE-2026-46238 batman-adv: stop caching unowned originator pointers in BAT IV
In the Linux kernel, the following vulnerability has been resolved: batman-adv: stop caching unowned originator pointers in BAT IV BAT IV keeps the last-hop neighbor address in each neighnode, but some paths also cache an originator pointer derived from a temporary lookup. That pointer is not own...
CVE-2026-46238
CVE-2026-46238 affects the Linux kernel’s BAT IV implementation via the batman-adv subsystem. The issue stems from caching an auxiliary originator pointer derived from a temporary lookup in neigh_node state, where the pointer can be freed or become stale after purge handling. The documented fix i...
EUVD-2026-32756
In the Linux kernel, the following vulnerability has been resolved: batman-adv: stop caching unowned originator pointers in BAT IV BAT IV keeps the last-hop neighbor address in each neighnode, but some paths also cache an originator pointer derived from a temporary lookup. That pointer is not own...
PT-2026-44361
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the batman-adv module, BAT IV caches an originator pointer in each neigh node derived from a temporary lookup. This pointer is not owned by the neigh node and may refer to an invalid...
UBUNTU-CVE-2024-35982
In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid infinite loop trying to resize local TT If the MTU of one of an attached interface becomes too small to transmit the local translation table then it must be resized to fit inside all fragments when enabled or a...