PT-2024-5785 · Linux+6 · Linux Kernel+6
Published
2024-03-29
·
Updated
2025-09-29
·
CVE-2024-35982
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The vulnerability is related to an infinite loop in the batman-adv component of the Linux kernel when trying to resize the local translation table (TT). This can occur when the MTU of an attached interface becomes too small to transmit the local translation table, and the resizing of the local TT will never succeed. The issue can lead to an endless spam of log messages, and the function will never finish. The problem arises when the timeout is halved repeatedly and stagnates at 0, making it impossible to reduce the table further. There are other scenarios possible with similar results, such as when the number of BATADV TT CLIENT NOPURGE entries in the local TT is too high to fit inside a packet.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Infinite Loop
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu