CVE-2026-52914
- Source
- https://cve.org/CVERecord?id=CVE-2026-52914
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-52914.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2026-52914
- Downstream
- Published
- 2026-06-24T07:14:11.906Z
- Modified
- 2026-06-25T04:05:21.233922659Z
- Summary
- batman-adv: fix fragment reassembly length accounting
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
batman-adv: fix fragment reassembly length accounting
batman-adv keeps a running payload length for queued fragments and uses it to validate a fragment chain before reassembly.
That accounting currently allows the accumulated fragment length to be truncated during updates. As a result, malformed fragment chains can bypass the intended validation and drive reassembly with inconsistent length state, leading to a local denial of service.
Fix the accounting by storing the accumulated length in a length-typed field and rejecting update overflows before the existing validation logic runs.
The fix was verified against the original reproducer and against valid fragment reassembly paths.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/52xxx/CVE-2026-52914.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/37be61825b15534a16ff9cfc9546de155b6df982
- https://git.kernel.org/stable/c/3eb8bcb823391bd58997831b3c9c152a4ba8e255
- https://git.kernel.org/stable/c/975563c5de1123dde1ec7946bf5556d20c89d74e
- https://git.kernel.org/stable/c/9cd3f16c320bfdadd4509358122368deb56a5741
- https://git.kernel.org/stable/c/e4f3f6b818aa6a678bc54a2d4e0bece2303c6a64
- https://git.kernel.org/stable/c/e910dbf509125fe51ad68e4fa74dc8ab0a8e787a
- https://git.kernel.org/stable/c/f653b040dad1af70fa5cd4fe085e4758925480c9
- https://git.kernel.org/stable/c/fdb2c96efb2baeb3725e9ce3ede8f1e36f5490f0
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/52xxx/CVE-2026-52914.json
- https://nvd.nist.gov/vuln/detail/CVE-2026-52914
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced610bfc6bc99bc83680d190ebc69359a05fc7f605Fixede4f3f6b818aa6a678bc54a2d4e0bece2303c6a64Fixed37be61825b15534a16ff9cfc9546de155b6df982Fixed975563c5de1123dde1ec7946bf5556d20c89d74eFixedf653b040dad1af70fa5cd4fe085e4758925480c9Fixede910dbf509125fe51ad68e4fa74dc8ab0a8e787aFixed3eb8bcb823391bd58997831b3c9c152a4ba8e255Fixedfdb2c96efb2baeb3725e9ce3ede8f1e36f5490f0Fixed9cd3f16c320bfdadd4509358122368deb56a5741
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced3.13.0Fixed5.10.258
- Type
- ECOSYSTEM
- Events
-
Introduced5.11.0Fixed5.15.209
- Type
- ECOSYSTEM
- Events
-
Introduced5.16.0Fixed6.1.175
- Type
- ECOSYSTEM
- Events
-
Introduced6.2.0Fixed6.6.142
- Type
- ECOSYSTEM
- Events
-
Introduced6.7.0Fixed6.12.92
- Type
- ECOSYSTEM
- Events
-
Introduced6.13.0Fixed6.18.34
- Type
- ECOSYSTEM
- Events
-
Introduced6.19.0Fixed7.0.11