CVE-2025-39839
Published: Sep 19, 2025
Modified: May 12, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix OOB read/write in network-coding decode batadv_nc_skb_decode_packet() trusts coded_len and checks only against skb->len. XOR starts at sizeof(struct batadv_unicast_packet), reducing payload headroom, and the source skb length is not verified, allowing an out-of-bounds read and a small out-of-bounds write. Validate that coded_len fits within the payload area of both destination and source sk_buffs before XORing.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 2df5278b0267c799f3e877e8eeddbb6e93cda0bb - < 30fc47248f02b8a14a61df469e1da4704be1a19faffected 2df5278b0267c799f3e877e8eeddbb6e93cda0bb - < 1e36c6c8dc8023b4bbe9a16e819f9998b9b6a183affected 2df5278b0267c799f3e877e8eeddbb6e93cda0bb - < 5d334bce9fad58cf328d8fa14ea1fff855819863affected 2df5278b0267c799f3e877e8eeddbb6e93cda0bb - < dce6c2aa70e94c04c523b375dfcc664d7a0a560aaffected 2df5278b0267c799f3e877e8eeddbb6e93cda0bb - < bb37252c9af1cb250f34735ee98f80b46be3cef1+3 more versions |
Linux | Linux | affected 3.10unaffected 0 - < 3.10unaffected 5.4.299 - <= 5.4.*unaffected 5.10.243 - <= 5.10.*unaffected 5.15.192 - <= 5.15.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now