In the Linux kernel, the following vulnerability has been resolved:
batman-adv: dat: handle forward allocation error
batadvdatforwarddata() calls pskbcopyforclone() to duplicate an skb for each DHT candidate, but does not check the return value before passing it to batadvsendskbprepareunicast_4addr(). That function dereferences the skb unconditionally, so a failed allocation triggers a NULL pointer dereference.
Skip forwarding to the current DHT candidate on allocation failure.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/52xxx/CVE-2026-52922.json",
"cna_assigner": "Linux"
}