8.8

CVE-2026-46198

batman-adv: fix integer overflow on buff_pos

In the Linux kernel, the following vulnerability has been resolved:

batman-adv: fix integer overflow on buff_pos

Fixing an integer overflow present in batadv_iv_ogm_send_to_if. The size
check is done using the int type in batadv_iv_ogm_aggr_packet whereas the
buff_pos variable uses the s16 type. This could lead to an out-of-bound
read.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.38 < 5.10.258
LinuxLinux Kernel Version >= 5.11 < 5.15.209
LinuxLinux Kernel Version >= 5.16 < 6.1.175
LinuxLinux Kernel Version >= 6.2 < 6.6.140
LinuxLinux Kernel Version >= 6.7 < 6.12.90
LinuxLinux Kernel Version >= 6.13 < 6.18.32
LinuxLinux Kernel Version >= 6.19 < 7.0.9
LinuxLinux Kernel Version7.1 Updaterc1
LinuxLinux Kernel Version7.1 Updaterc2
LinuxLinux Kernel Version7.1 Updaterc3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.28% 0.197
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
416baaa9-dc9f-4396-8d5f-8c081fb06d67 8.8 2.8 5.9
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

https://git.kernel.org/stable/c/f61499359fa529f0d45a53bf7c573a49eb6322e6
Patch
https://git.kernel.org/stable/c/974542d1efc48b7e9fe16184e647615cba39969b
Patch
https://git.kernel.org/stable/c/bf872db54f91ffe70104b98c20068b2d5910e018
Patch
https://git.kernel.org/stable/c/b252797bfced986d6d92ec2f4cfcca842ce8aa78
Patch
https://git.kernel.org/stable/c/0799e5943611006b346b8813c7daf7dd5aa26bfd
Patch
https://git.kernel.org/stable/c/10bb1f366d884d506c38a947b43026a75d1afe9a
Patch
https://git.kernel.org/stable/c/867cd090760e8f5cd206f387b47ff9c56fac04e9
Patch
https://git.kernel.org/stable/c/96c9c0ed9a9579a9085765aceaa4556a6666eb82
Patch