CVE-2026-31683

EUVD-2026-25650

25.04.2026, 09:16

In the Linux kernel, the following vulnerability has been resolved:

batman-adv: avoid OGM aggregation when skb tailroom is insufficient

When OGM aggregation state is toggled at runtime, an existing forwarded
packet may have been allocated with only packet_len bytes, while a later
packet can still be selected for aggregation. Appending in this case can
hit skb_put overflow conditions.

Reject aggregation when the target skb tailroom cannot accommodate the new
packet. The caller then falls back to creating a new forward packet
instead of appending.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.8 HIGH	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 3%

Affected Products (NVD)

Vendor	Product	Version
linux	linux_kernel	2.6.38 ≤ 𝑥 < 5.10.253
linux	linux_kernel	5.11 ≤ 𝑥 < 5.15.203
linux	linux_kernel	5.16 ≤ 𝑥 < 6.1.167
linux	linux_kernel	6.2 ≤ 𝑥 < 6.6.130
linux	linux_kernel	6.7 ≤ 𝑥 < 6.12.78
linux	linux_kernel	6.13 ≤ 𝑥 < 6.18.20
linux	linux_kernel	6.19 ≤ 𝑥 < 6.19.10
linux	linux_kernel	7.0:rc1
linux	linux_kernel	7.0:rc2
linux	linux_kernel	7.0:rc3
linux	linux_kernel	7.0:rc4

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

linux

bookworm	6.1.170-3 fixed
bookworm (security)	6.1.174-1 fixed
bullseye	vulnerable
bullseye (security)	5.10.257-1 fixed
forky	7.0.10-1 fixed
sid	7.0.10-1 fixed
trixie	6.12.86-1 fixed
trixie (security)	6.12.90-2 fixed

linux-6.1

bullseye (security)

6.1.174-1~deb11u1

fixed

Vulnerability Media Exposure

[GERMAN] Linux Kernel: Mehrere Schwachstellen
Ein Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um nicht näher spezifizierte Angriffe durchzuführen, welche zu einem Denial-of-Service-Zustand, einer Rechteausweitung, der Ausführung von Code oder einer Speicherbeschädigung führen könnten.
Published: 2026-04-26T22:00:00+00:00

References

https://git.kernel.org/stable/c/0b10a8b355c3f71012ce89289ec2c2f5e3bfd6c1

https://git.kernel.org/stable/c/0d4aef630be9d5f9c1227d07669c26c4383b5ad0

https://git.kernel.org/stable/c/0e35db29fc5a97a8553f7c2d3a2ba730e46b1ee8

https://git.kernel.org/stable/c/1ada20331f2df2a942d6b83ae1f04a304b642e2a

https://git.kernel.org/stable/c/67176c96f325837b0bb3e9538ca2eba414f447d8

https://git.kernel.org/stable/c/6755347c5f9bdd44dee80f692208b056fcd40a52

https://git.kernel.org/stable/c/6e40ebb999c2c3d2fbb3cacb61f0384ee6e69075

https://git.kernel.org/stable/c/eda89a1bae0602aec8314ced299bb243b9f9aeef