CVE Catalog

CVE-2026-52914

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.52%

40th percentile — higher than 40% of all known CVEs

Summary

In the Linux kernel, the batman-adv module has a vulnerability in fragment reassembly length accounting. The flaw allows malformed fragment chains to bypass validation, potentially causing a local denial of service.

Risk Assessment

A local attacker can exploit this vulnerability to trigger a system crash (DoS) by sending specially crafted packet fragments, disrupting network services.

Recommendation

Immediately update the Linux kernel to a version containing the fix (commit in the batman-adv branch). A system reboot is required after the update.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix fragment reassembly length accounting batman-adv keeps a running payload length for queued fragments and uses it to validate a fragment chain before reassembly. That accounting currently allows the accumulated fragment length to be truncated during updates. As a result, malformed fragment chains can bypass the intended validation and drive reassembly with inconsistent length state, leading to a local denial of service. Fix the accounting by storing the accumulated length in a length-typed field and rejecting update overflows before the existing validation logic runs. The fix was verified against the original reproducer and against valid fragment reassembly paths.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS