Buffer Overflow Vulnerability in Linux Kernel Affecting batman-adv
CVE-2026-52934
What is CVE-2026-52934?
A vulnerability exists in the batman-adv module of the Linux kernel, where oversized TVLV packets can lead to a buffer overflow. The issue arises while a TVLV packet section is being constructed: when the section size exceeds the range of an unsigned 16-bit integer, the memory allocation is sized incorrectly. The fix changes the return type of the size calculation function to size_t and adds checks that prevent oversized packets from being processed. This mitigates the risk of memory corruption and improves kernel stability.
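Added example (not the kernel's code or the patch itself): a simplified C model of the truncation described above, showing how a 16-bit size result undercounts the section and how a size_t total with an upper-bound check refuses it instead. The struct, function names, 4-byte header size and sample lengths are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#define HDR_LEN     4u       /* assumed per-container header size */
#define MAX_SECTION 0xFFFFu  /* largest value a 16-bit length can hold */

struct container { uint16_t value_len; };  /* hypothetical, simplified */

/* Constructed sample: three containers of 30000 payload bytes each. */
static const struct container sample[3] = { {30000}, {30000}, {30000} };

/* Before: the total is returned as 16 bits, so it wraps modulo 65536. */
static uint16_t list_size_u16(const struct container *c, size_t n)
{
    uint16_t total = 0;
    for (size_t i = 0; i < n; i++)
        total = (uint16_t)(total + HDR_LEN + c[i].value_len);
    return total;
}

/* After: the total is kept at full width. */
static size_t list_size(const struct container *c, size_t n)
{
    size_t total = 0;
    for (size_t i = 0; i < n; i++)
        total += (size_t)HDR_LEN + c[i].value_len;
    return total;
}

/* Bytes that copying every container would write past a buffer
 * whose size came from the wrapped 16-bit total. */
static size_t overrun_bytes(const struct container *c, size_t n)
{
    size_t need = list_size(c, n), have = list_size_u16(c, n);
    return need > have ? need - have : 0;
}

/* Builder-side check: allocation length, or -1 for an oversized section. */
static long section_alloc_len(const struct container *c, size_t n)
{
    size_t total = list_size(c, n);
    return total > MAX_SECTION ? -1 : (long)total;
}

int main(void)
{
    printf("needed=%zu u16=%u overrun=%zu checked=%ld\n", list_size(sample, 3),
           list_size_u16(sample, 3), overrun_bytes(sample, 3), section_alloc_len(sample, 3));
    return 0;
}
```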
Affected Version(s)
Linux ef26157747d42254453f6b3ac2bd8bd3c53339c3
Linux ef26157747d42254453f6b3ac2bd8bd3c53339c3 < 1595628a2f877d052eda18865ccf539392c47c04
Linux ef26157747d42254453f6b3ac2bd8bd3c53339c3 < 6448a49344e87487b61bd88cb850cd694a0f576d