CVE-2024-35982: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid infinite loop trying to resize local TT If the MTU of one of an attached interface becomes too small to transmit the local translation table then it must be resized to fit inside all fragments (when enabled) or a single packet. But if the MTU becomes too low to transmit even the header + the VLAN specific part then the resizing of the local TT will never succeed. This can for example happen when the usable space is 110 bytes and 11 VLANs are on top of batman-adv. In this case, at least 116 byte would be needed. There will just be an endless spam of batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (110) in the log but the function will never finish. Problem here is that the timeout will be halved all the time and will then stagnate at 0 and therefore never be able to reduce the table even more. There are other scenarios possible with a similar result. The number of BATADV_TT_CLIENT_NOPURGE entries in the local TT can for example be too high to fit inside a packet. Such a scenario can therefore happen also with only a single VLAN + 7 non-purgable addresses - requiring at least 120 bytes. While this should be handled proactively when: * interface with too low MTU is added * VLAN is added * non-purgeable local mac is added * MTU of an attached interface is reduced * fragmentation setting gets disabled (which most likely requires dropping attached interfaces) not all of these scenarios can be prevented because batman-adv is only consuming events without the the possibility to prevent these actions (non-purgable MAC address added, MTU of an attached interface is reduced). It is therefore necessary to also make sure that the code is able to handle also the situations when there were already incompatible system configuration are present.
AI Analysis
Technical Summary
CVE-2024-35982 is a vulnerability in the Linux kernel's batman-adv (Better Approach To Mobile Adhoc Networking - advanced) module, which is used for mesh networking. The issue arises when the MTU (Maximum Transmission Unit) of an attached interface becomes too small to accommodate the local translation table (TT) entries required for packet transmission. Specifically, if the MTU is reduced below a threshold where even the header plus VLAN-specific data cannot fit, the batman-adv module enters an infinite loop attempting to resize the local TT to fit within the MTU constraints. This loop results in continuous log spam with messages like "batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (110)" and the resizing function never completes. The timeout used to reduce the table size halves repeatedly until it stagnates at zero, preventing further reduction and resolution of the issue. This can occur in scenarios such as having multiple VLANs stacked on batman-adv interfaces or a high number of non-purgable MAC addresses in the local TT, which increase the required size beyond the MTU. The vulnerability stems from batman-adv's reactive event handling, which cannot prevent incompatible system configurations like MTU reductions or addition of non-purgable MAC addresses. Consequently, the code must be resilient to handle these problematic states gracefully. The vulnerability impacts availability by causing a denial of service (DoS) condition through resource exhaustion and infinite processing loops within the kernel networking stack. The CVSS 3.1 score is 5.1 (medium severity), reflecting a local attack vector with high attack complexity, no privileges required, no user interaction, and impact limited to availability. No known exploits are reported in the wild as of the publication date. The vulnerability is addressed by code changes that ensure the resizing logic can handle these edge cases without infinite looping or log spamming.
Potential Impact
For European organizations, this vulnerability poses a risk primarily to systems using the batman-adv mesh networking protocol on Linux kernels, which may be deployed in specialized networking environments such as research networks, IoT deployments, or community mesh networks. The impact is a denial of service condition that can degrade network availability and reliability, potentially disrupting critical communications or services relying on mesh networking. While the attack requires local access and specific network configurations (low MTU and multiple VLANs or non-purgable MAC addresses), the complexity and subtlety of the conditions mean that inadvertent misconfigurations could trigger the issue, causing unexpected outages. Organizations operating Linux-based mesh networks in industrial, academic, or municipal contexts in Europe should be aware of this risk. The vulnerability does not affect confidentiality or integrity but can cause significant availability issues, which in critical infrastructure or service provider contexts could have cascading effects. Given the medium severity and local attack vector, the threat is moderate but should not be ignored, especially in environments where batman-adv is used extensively.
Mitigation Recommendations
1. Apply the latest Linux kernel patches that address CVE-2024-35982 as soon as they become available to ensure the resizing logic in batman-adv handles low MTU and VLAN configurations correctly without infinite loops. 2. Audit and monitor network interface MTU settings and VLAN configurations on systems using batman-adv to avoid configurations where MTU is set too low to support the translation table size requirements. 3. Limit the number of non-purgable MAC addresses in the local translation table to reduce the risk of exceeding packet size limits. 4. Implement proactive configuration management policies that prevent or alert on MTU reductions or VLAN additions that could trigger this condition. 5. Enhance logging and monitoring to detect repeated batman-adv log messages indicating resizing attempts, which could signal an ongoing or impending DoS condition. 6. Where possible, isolate mesh networking nodes or restrict local access to trusted administrators to reduce the risk of malicious or accidental triggering of this vulnerability. 7. Consider fallback or redundancy mechanisms in mesh network design to maintain availability if a node becomes unresponsive due to this issue.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Denmark
CVE-2024-35982: Vulnerability in Linux Linux
Description
In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid infinite loop trying to resize local TT If the MTU of one of an attached interface becomes too small to transmit the local translation table then it must be resized to fit inside all fragments (when enabled) or a single packet. But if the MTU becomes too low to transmit even the header + the VLAN specific part then the resizing of the local TT will never succeed. This can for example happen when the usable space is 110 bytes and 11 VLANs are on top of batman-adv. In this case, at least 116 byte would be needed. There will just be an endless spam of batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (110) in the log but the function will never finish. Problem here is that the timeout will be halved all the time and will then stagnate at 0 and therefore never be able to reduce the table even more. There are other scenarios possible with a similar result. The number of BATADV_TT_CLIENT_NOPURGE entries in the local TT can for example be too high to fit inside a packet. Such a scenario can therefore happen also with only a single VLAN + 7 non-purgable addresses - requiring at least 120 bytes. While this should be handled proactively when: * interface with too low MTU is added * VLAN is added * non-purgeable local mac is added * MTU of an attached interface is reduced * fragmentation setting gets disabled (which most likely requires dropping attached interfaces) not all of these scenarios can be prevented because batman-adv is only consuming events without the the possibility to prevent these actions (non-purgable MAC address added, MTU of an attached interface is reduced). It is therefore necessary to also make sure that the code is able to handle also the situations when there were already incompatible system configuration are present.
AI-Powered Analysis
Technical Analysis
CVE-2024-35982 is a vulnerability in the Linux kernel's batman-adv (Better Approach To Mobile Adhoc Networking - advanced) module, which is used for mesh networking. The issue arises when the MTU (Maximum Transmission Unit) of an attached interface becomes too small to accommodate the local translation table (TT) entries required for packet transmission. Specifically, if the MTU is reduced below a threshold where even the header plus VLAN-specific data cannot fit, the batman-adv module enters an infinite loop attempting to resize the local TT to fit within the MTU constraints. This loop results in continuous log spam with messages like "batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (110)" and the resizing function never completes. The timeout used to reduce the table size halves repeatedly until it stagnates at zero, preventing further reduction and resolution of the issue. This can occur in scenarios such as having multiple VLANs stacked on batman-adv interfaces or a high number of non-purgable MAC addresses in the local TT, which increase the required size beyond the MTU. The vulnerability stems from batman-adv's reactive event handling, which cannot prevent incompatible system configurations like MTU reductions or addition of non-purgable MAC addresses. Consequently, the code must be resilient to handle these problematic states gracefully. The vulnerability impacts availability by causing a denial of service (DoS) condition through resource exhaustion and infinite processing loops within the kernel networking stack. The CVSS 3.1 score is 5.1 (medium severity), reflecting a local attack vector with high attack complexity, no privileges required, no user interaction, and impact limited to availability. No known exploits are reported in the wild as of the publication date. The vulnerability is addressed by code changes that ensure the resizing logic can handle these edge cases without infinite looping or log spamming.
Potential Impact
For European organizations, this vulnerability poses a risk primarily to systems using the batman-adv mesh networking protocol on Linux kernels, which may be deployed in specialized networking environments such as research networks, IoT deployments, or community mesh networks. The impact is a denial of service condition that can degrade network availability and reliability, potentially disrupting critical communications or services relying on mesh networking. While the attack requires local access and specific network configurations (low MTU and multiple VLANs or non-purgable MAC addresses), the complexity and subtlety of the conditions mean that inadvertent misconfigurations could trigger the issue, causing unexpected outages. Organizations operating Linux-based mesh networks in industrial, academic, or municipal contexts in Europe should be aware of this risk. The vulnerability does not affect confidentiality or integrity but can cause significant availability issues, which in critical infrastructure or service provider contexts could have cascading effects. Given the medium severity and local attack vector, the threat is moderate but should not be ignored, especially in environments where batman-adv is used extensively.
Mitigation Recommendations
1. Apply the latest Linux kernel patches that address CVE-2024-35982 as soon as they become available to ensure the resizing logic in batman-adv handles low MTU and VLAN configurations correctly without infinite loops. 2. Audit and monitor network interface MTU settings and VLAN configurations on systems using batman-adv to avoid configurations where MTU is set too low to support the translation table size requirements. 3. Limit the number of non-purgable MAC addresses in the local translation table to reduce the risk of exceeding packet size limits. 4. Implement proactive configuration management policies that prevent or alert on MTU reductions or VLAN additions that could trigger this condition. 5. Enhance logging and monitoring to detect repeated batman-adv log messages indicating resizing attempts, which could signal an ongoing or impending DoS condition. 6. Where possible, isolate mesh networking nodes or restrict local access to trusted administrators to reduce the risk of malicious or accidental triggering of this vulnerability. 7. Consider fallback or redundancy mechanisms in mesh network design to maintain availability if a node becomes unresponsive due to this issue.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Linux
- Date Reserved
- 2024-05-17T13:50:33.144Z
- Cisa Enriched
- true
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 682d9828c4522896dcbe2376
Added to database: 5/21/2025, 9:08:56 AM
Last enriched: 6/29/2025, 8:56:09 AM
Last updated: 7/31/2025, 5:14:13 PM
Views: 10
Related Threats
CVE-2025-9091: Hard-coded Credentials in Tenda AC20
LowCVE-2025-9090: Command Injection in Tenda AC20
MediumCVE-2025-9092: CWE-400 Uncontrolled Resource Consumption in Legion of the Bouncy Castle Inc. Bouncy Castle for Java - BC-FJA 2.1.0
LowCVE-2025-9089: Stack-based Buffer Overflow in Tenda AC20
HighCVE-2025-9088: Stack-based Buffer Overflow in Tenda AC20
HighActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.