Description
In the Linux kernel, the following vulnerability has been resolved: batman-adv: dat: handle forward allocation error batadv_dat_forward_data() calls pskb_copy_for_clone() to duplicate an skb for each DHT candidate, but does not check the return value before passing it to batadv_send_skb_prepare_unicast_4addr(). That function dereferences the skb unconditionally, so a failed allocation triggers a NULL pointer dereference. Skip forwarding to the current DHT candidate on allocation failure.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Affected products
- Linux / Linux785ea1144182c341b8b85b0f8180291839d176a8 – 9bcebaedfb8479cb4affb23c7a0d000ca9a20e73
- Linux / Linux785ea1144182c341b8b85b0f8180291839d176a8 – 2edb8aeb3cdda9d00ec4997252dc5bcd6f54d8ef
- Linux / Linux785ea1144182c341b8b85b0f8180291839d176a8 – ce0c381199402a2c58f4599f4f6ed100d872d0da
- Linux / Linux785ea1144182c341b8b85b0f8180291839d176a8 – 866ac1d57040ed0b44ca732e3c66b3aa6b93011c
- Linux / Linux785ea1144182c341b8b85b0f8180291839d176a8 – 4d420d9ee70a220a2cd95aa0dd2e15acad66a505
- Linux / Linux785ea1144182c341b8b85b0f8180291839d176a8 – 9cceea8eeba710def2a5707ee00f00c74a9a1cac
- Linux / Linux785ea1144182c341b8b85b0f8180291839d176a8 – cf48e75fc4fe0d5cc7721c82d454221d01367b93
- Linux / Linux785ea1144182c341b8b85b0f8180291839d176a8 – 2d8826a2d3657cea66fb0370f9e521575a673871
- Linux / Linux3.8 – 3.8
- Linux / Linux0 – 3.8
- Linux / Linux5.10.258 – 5.10.*
- Linux / Linux5.15.209 – 5.15.*
- Linux / Linux6.1.175 – 6.1.*
- Linux / Linux6.6.142 – 6.6.*
- Linux / Linux6.12.92 – 6.12.*
- Linux / Linux6.18.34 – 6.18.*
- Linux / Linux7.0.11 – 7.0.*
- Linux / Linux7.1 – *
References
- MISChttps://git.kernel.org/stable/c/9bcebaedfb8479cb4affb23c7a0d000ca9a20e73
- MISChttps://git.kernel.org/stable/c/2edb8aeb3cdda9d00ec4997252dc5bcd6f54d8ef
- MISChttps://git.kernel.org/stable/c/ce0c381199402a2c58f4599f4f6ed100d872d0da
- MISChttps://git.kernel.org/stable/c/866ac1d57040ed0b44ca732e3c66b3aa6b93011c
- MISChttps://git.kernel.org/stable/c/4d420d9ee70a220a2cd95aa0dd2e15acad66a505
- MISChttps://git.kernel.org/stable/c/9cceea8eeba710def2a5707ee00f00c74a9a1cac
- MISChttps://git.kernel.org/stable/c/cf48e75fc4fe0d5cc7721c82d454221d01367b93
- MISChttps://git.kernel.org/stable/c/2d8826a2d3657cea66fb0370f9e521575a673871