-

CVE-2025-39839

EPSS 0.03%
Veröffentlicht 19.09.2025 15:26:14
Zuletzt bearbeitet 22.09.2025 21:23:01
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

batman-adv: fix OOB read/write in network-coding decode

batadv_nc_skb_decode_packet() trusts coded_len and checks only against
skb->len. XOR starts at sizeof(struct batadv_unicast_packet), reducing
payload headroom, and the source skb length is not verified, allowing an
out-of-bounds read and a small out-of-bounds write.

Validate that coded_len fits within the payload area of both destination
and source sk_buffs before XORing.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 11

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 30fc47248f02b8a14a61df469e1da4704be1a19f

Version 2df5278b0267c799f3e877e8eeddbb6e93cda0bb

Status affected

Version < 1e36c6c8dc8023b4bbe9a16e819f9998b9b6a183

Version 2df5278b0267c799f3e877e8eeddbb6e93cda0bb

Status affected

Version < 5d334bce9fad58cf328d8fa14ea1fff855819863

Version 2df5278b0267c799f3e877e8eeddbb6e93cda0bb

Status affected

Version < dce6c2aa70e94c04c523b375dfcc664d7a0a560a

Version 2df5278b0267c799f3e877e8eeddbb6e93cda0bb

Status affected

Version < bb37252c9af1cb250f34735ee98f80b46be3cef1

Version 2df5278b0267c799f3e877e8eeddbb6e93cda0bb

Status affected

Version < 20080709457bc1e920eb002483d7d981d9b2ac1c

Version 2df5278b0267c799f3e877e8eeddbb6e93cda0bb

Status affected

Version < a67c6397fcb7e842d3c595243049940970541c48

Version 2df5278b0267c799f3e877e8eeddbb6e93cda0bb

Status affected

Version < d77b6ff0ce35a6d0b0b7b9581bc3f76d041d4087

Version 2df5278b0267c799f3e877e8eeddbb6e93cda0bb

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 3.10

Status affected

Version < 3.10

Version 0

Status unaffected

Version <= 5.4.*

Version 5.4.299

Status unaffected

Version <= 5.10.*

Version 5.10.243

Status unaffected

Version <= 5.15.*

Version 5.15.192

Status unaffected

Version <= 6.1.*

Version 6.1.151

Status unaffected

Version <= 6.6.*

Version 6.6.105

Status unaffected

Version <= 6.12.*

Version 6.12.46

Status unaffected

Version <= 6.16.*

Version 6.16.6

Status unaffected

Version <= *

Version 6.17-rc5

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.079

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/30fc47248f02b8a14a61df469e1da4704be1a19f

https://git.kernel.org/stable/c/1e36c6c8dc8023b4bbe9a16e819f9998b9b6a183

https://git.kernel.org/stable/c/5d334bce9fad58cf328d8fa14ea1fff855819863

https://git.kernel.org/stable/c/dce6c2aa70e94c04c523b375dfcc664d7a0a560a

https://git.kernel.org/stable/c/bb37252c9af1cb250f34735ee98f80b46be3cef1

https://git.kernel.org/stable/c/20080709457bc1e920eb002483d7d981d9b2ac1c

https://git.kernel.org/stable/c/a67c6397fcb7e842d3c595243049940970541c48

https://git.kernel.org/stable/c/d77b6ff0ce35a6d0b0b7b9581bc3f76d041d4087

https://nvd.nist.gov/vuln/detail/CVE-2025-39839

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-39839

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-39839

EUVD