The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - batman-adv: reject oversized global TT response buffers batadv_tt_prepare_tvlv_global_data() builds the     allocation length for a global TT response in 16-bit temporaries. When a remote originator advertises a     large enough global TT, the TT payload length plus the VLAN header offset can exceed 65535 and wrap before     kmalloc(). The full-table response path still uses the original TT payload length when it fills tt_change,     so the wrapped allocation is too small and batadv_tt_prepare_tvlv_global_data() writes past the end of the     heap object before the later packet-size check runs. Fix this by rejecting TT responses whose TVLV value     length cannot fit in the 16-bit TVLV payload length field. (CVE-2026-31659)

Note that Nessus relies on the presence of the package as reported by the vendor.

Detections

Analytics

Linux Distros Unpatched Vulnerability : CVE-2026-31659

critical Nessus Plugin ID 310303

Version 1.5