CVE-2025-39839
EUVD-2025-3036119.09.2025, 16:15
In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix OOB read/write in network-coding decode batadv_nc_skb_decode_packet() trusts coded_len and checks only against skb->len. XOR starts at sizeof(struct batadv_unicast_packet), reducing payload headroom, and the source skb length is not verified, allowing an out-of-bounds read and a small out-of-bounds write. Validate that coded_len fits within the payload area of both destination and source sk_buffs before XORing.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 3.10 ≤ 𝑥 < 5.4.299 |
| linux | linux_kernel | 5.5 ≤ 𝑥 < 5.10.243 |
| linux | linux_kernel | 5.11 ≤ 𝑥 < 5.15.192 |
| linux | linux_kernel | 5.16 ≤ 𝑥 < 6.1.151 |
| linux | linux_kernel | 6.2 ≤ 𝑥 < 6.6.105 |
| linux | linux_kernel | 6.7 ≤ 𝑥 < 6.12.46 |
| linux | linux_kernel | 6.13 ≤ 𝑥 < 6.16.6 |
| linux | linux_kernel | 6.17:rc1 |
| linux | linux_kernel | 6.17:rc2 |
| linux | linux_kernel | 6.17:rc3 |
| linux | linux_kernel | 6.17:rc4 |
| debian | debian_linux | 11.0 |
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| Siemens | RUGGEDCOM RST2428P | 𝑥 < V3.3 | ADP |
| Siemens | SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family | 𝑥 < V3.3 | ADP |
| Siemens | SCALANCE XCH328 | 𝑥 < V3.3 | ADP |
| Siemens | SCALANCE XCM324 | 𝑥 < V3.3 | ADP |
| Siemens | SCALANCE XCM328 | 𝑥 < V3.3 | ADP |
| Siemens | SCALANCE XCM332 | 𝑥 < V3.3 | ADP |
| Siemens | SCALANCE XRH334 \(24 V DC\, 8xFO\, CC\) | 𝑥 < V3.3 | ADP |
| Siemens | SCALANCE XRM334 \(230 V AC\, 12xFO\) | 𝑥 < V3.3 | ADP |
| Siemens | SCALANCE XRM334 \(230 V AC\, 8xFO\) | 𝑥 < V3.3 | ADP |
| Siemens | SCALANCE XRM334 \(230V AC\, 2x10G\, 24xSFP\, 8xSFP\+\) | 𝑥 < V3.3 | ADP |
| Siemens | SCALANCE XRM334 \(24 V DC\, 12xFO\) | 𝑥 < V3.3 | ADP |
| Siemens | SCALANCE XRM334 \(24 V DC\, 8xFO\) | 𝑥 < V3.3 | ADP |
| Siemens | SCALANCE XRM334 \(24V DC\, 2x10G\, 24xSFP\, 8xSFP\+\) | 𝑥 < V3.3 | ADP |
| Siemens | SCALANCE XRM334 \(2x230 V AC\, 12xFO\) | 𝑥 < V3.3 | ADP |
| Siemens | SCALANCE XRM334 \(2x230 V AC\, 8xFO\) | 𝑥 < V3.3 | ADP |
| Siemens | SCALANCE XRM334 \(2x230V AC\, 2x10G\, 24xSFP\, 8xSFP\+\) | 𝑥 < V3.3 | ADP |
| Siemens | SIMATIC CN 4100 | 𝑥 < V5.0 | ADP |
| siemens | simatic_cn_4100 | 𝑥 < 5.0 | ADP |
Debian Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| kernel-64kb |
| ||||||||||||
| kernel-azure |
| ||||||||||||
| kernel-default |
| ||||||||||||
| kernel-default-base |
| ||||||||||||
| kernel-obs-build |
| ||||||||||||
| kernel-source |
| ||||||||||||
| kernel-source-azure |
| ||||||||||||
| kernel-zfcpdump |
|
Amazon Linux Releases
Amazon Package | |||
|---|---|---|---|
| bpftool |
| ||
| bpftool-debuginfo |
| ||
| kernel |
| ||
| kernel-debuginfo |
| ||
| kernel-debuginfo-common-aarch64 |
| ||
| kernel-debuginfo-common-x86_64 |
| ||
| kernel-devel |
| ||
| kernel-headers |
| ||
| kernel-libbpf |
| ||
| kernel-libbpf-debuginfo |
| ||
| kernel-libbpf-devel |
| ||
| kernel-libbpf-static |
| ||
| kernel-livepatch-6.1.153-175.280 |
| ||
| kernel-modules-extra |
| ||
| kernel-modules-extra-common |
| ||
| kernel-tools |
| ||
| kernel-tools-debuginfo |
| ||
| kernel-tools-devel |
| ||
| perf |
| ||
| perf-debuginfo |
| ||
| python3-perf |
| ||
| python3-perf-debuginfo |
|
Azure Linux Releases
Common Weakness Enumeration
References