Integer overflow in Linux kernel - CVE-2026-52934
Published: June 25, 2026
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to corrupt kernel memory.
The vulnerability exists due to an integer overflow leading to an out-of-bounds write in batadv_tvlv_container_ogm_append() and batadv_tvlv_container_list_size() when processing registered TVLV containers. A local user can cause the accumulated TVLV size to exceed U16_MAX and trigger an undersized allocation to corrupt kernel memory.
How to mitigate CVE-2026-52934
Sources
- https://git.kernel.org/stable/c/13493b00dd1e05a705981e052158652ea23eb482
- https://git.kernel.org/stable/c/1595628a2f877d052eda18865ccf539392c47c04
- https://git.kernel.org/stable/c/6448a49344e87487b61bd88cb850cd694a0f576d
- https://git.kernel.org/stable/c/94a3d72cd9b21116d7c6d5bdc57c11401fc28557
- https://git.kernel.org/stable/c/94db72e9dac202e017ee3db22c59d17e4f3bf171
- https://git.kernel.org/stable/c/c02aa6c0c9d1bea9bb75dea362b75ad225137bae
- https://git.kernel.org/stable/c/ede47988ac5687793745b17c1634a496a2299919
- https://git.kernel.org/stable/c/f50487e3566358b2b982b7801945e858c78ad9ab