7.1

CVE-2025-39839

batman-adv: fix OOB read/write in network-coding decode

In the Linux kernel, the following vulnerability has been resolved:

batman-adv: fix OOB read/write in network-coding decode

batadv_nc_skb_decode_packet() trusts coded_len and checks only against
skb->len. XOR starts at sizeof(struct batadv_unicast_packet), reducing
payload headroom, and the source skb length is not verified, allowing an
out-of-bounds read and a small out-of-bounds write.

Validate that coded_len fits within the payload area of both destination
and source sk_buffs before XORing.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 3.10 < 5.4.299
LinuxLinux Kernel Version >= 5.5 < 5.10.243
LinuxLinux Kernel Version >= 5.11 < 5.15.192
LinuxLinux Kernel Version >= 5.16 < 6.1.151
LinuxLinux Kernel Version >= 6.2 < 6.6.105
LinuxLinux Kernel Version >= 6.7 < 6.12.46
LinuxLinux Kernel Version >= 6.13 < 6.16.6
LinuxLinux Kernel Version6.17 Updaterc1
LinuxLinux Kernel Version6.17 Updaterc2
LinuxLinux Kernel Version6.17 Updaterc3
LinuxLinux Kernel Version6.17 Updaterc4
DebianDebian Linux Version11.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.16% 0.058
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.1 1.8 5.2
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://git.kernel.org/stable/c/30fc47248f02b8a14a61df469e1da4704be1a19f
Patch
https://git.kernel.org/stable/c/1e36c6c8dc8023b4bbe9a16e819f9998b9b6a183
Patch
https://git.kernel.org/stable/c/5d334bce9fad58cf328d8fa14ea1fff855819863
Patch
https://git.kernel.org/stable/c/dce6c2aa70e94c04c523b375dfcc664d7a0a560a
Patch
https://git.kernel.org/stable/c/bb37252c9af1cb250f34735ee98f80b46be3cef1
Patch
https://git.kernel.org/stable/c/20080709457bc1e920eb002483d7d981d9b2ac1c
Patch
https://git.kernel.org/stable/c/a67c6397fcb7e842d3c595243049940970541c48
Patch
https://git.kernel.org/stable/c/d77b6ff0ce35a6d0b0b7b9581bc3f76d041d4087
Patch
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
Third Party Advisory
Mailing List
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
Third Party Advisory
Mailing List
https://cert-portal.siemens.com/productcert/html/ssa-032379.html
https://cert-portal.siemens.com/productcert/html/ssa-089022.html