CVE-2026-52922 Linux CVE debrief

Who should care

Linux kernel users and distributors should be aware of this vulnerability and take steps to patch their systems. The vulnerability is particularly relevant for systems that use the batman-adv module. Users of Linux distributions that include this module should check with their distribution vendors for patched packages.

Technical summary

The vulnerability occurs in the batadv_dat_forward_data() function of the batman-adv module in the Linux kernel. When batadv_dat_forward_data() calls pskb_copy_for_clone() to duplicate an skb for each DHT candidate, it does not check the return value. If the allocation fails, pskb_copy_for_clone() returns NULL. The function then passes this NULL value to batadv_send_skb_prepare_unicast_4addr(), which dereferences the skb unconditionally, leading to a NULL pointer dereference. This vulnerability can be exploited remotely, with CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Defensive priority

This vulnerability has a high CVSS score of 7.5 and can lead to a denial-of-service (DoS) condition. Linux kernel users should prioritize patching this vulnerability to prevent potential disruptions.

Recommended defensive actions

• Apply patches from Linux kernel maintainers or Linux distribution vendors.
• Use Linux distribution package management systems to update the kernel or batman-adv module.
• Consider using compensating controls, such as firewall rules or network segmentation, to limit exposure.
• Monitor system logs for potential exploitation attempts.
• Perform regular vulnerability scans and inventory checks to identify affected systems.

Evidence notes

The CVE record and NVD detail pages provide information on this vulnerability. The Linux kernel source code and commit history show the changes made to address this issue. There are multiple source references provided, including several Git commit hashes.

Official resources