CVE-2026-31683
Published: Apr 25, 2026
Modified: May 11, 2026
CVSS v3.1
7.8
Description
In the Linux kernel, the following vulnerability has been resolved: batman-adv: avoid OGM aggregation when skb tailroom is insufficient When OGM aggregation state is toggled at runtime, an existing forwarded packet may have been allocated with only packet_len bytes, while a later packet can still be selected for aggregation. Appending in this case can hit skb_put overflow conditions. Reject aggregation when the target skb tailroom cannot accommodate the new packet. The caller then falls back to creating a new forward packet instead of appending.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected c6c8fea29769d998d94fcec9b9f14d4b52b349d3 - < 67176c96f325837b0bb3e9538ca2eba414f447d8affected c6c8fea29769d998d94fcec9b9f14d4b52b349d3 - < 0b10a8b355c3f71012ce89289ec2c2f5e3bfd6c1affected c6c8fea29769d998d94fcec9b9f14d4b52b349d3 - < 6755347c5f9bdd44dee80f692208b056fcd40a52affected c6c8fea29769d998d94fcec9b9f14d4b52b349d3 - < 1ada20331f2df2a942d6b83ae1f04a304b642e2aaffected c6c8fea29769d998d94fcec9b9f14d4b52b349d3 - < 6e40ebb999c2c3d2fbb3cacb61f0384ee6e69075+3 more versions |
Linux | Linux | affected 2.6.38unaffected 0 - < 2.6.38unaffected 5.10.253 - <= 5.10.*unaffected 5.15.203 - <= 5.15.*unaffected 6.1.167 - <= 6.1.*+5 more versions |
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now