CVE-2026-46038

Summary

In the Linux kernel, the following vulnerability has been resolved:

net: qrtr: ns: Free the node during ctrl_cmd_bye()

A node sends the BYE packet when it is about to go down. So the nameserver should advertise the removal of the node to all remote and local observers and free the node finally. But currently, the nameserver doesn't free the node memory even after processing the BYE packet. This causes the node memory to leak.

Hence, remove the node from Xarray list and free the node memory during both success and failure case of ctrl_cmd_bye().

Affected Software

VendorProductVersion RangeStatus
LinuxLinux0c2204a4ad710d95d348ea006f14ba926e842ffd < 6c9cca46acb6f22e63f015ea7b2ed6032d2badf5affected
LinuxLinux0c2204a4ad710d95d348ea006f14ba926e842ffd < a5a454f3364877b22f0e5a165df8b3702ff96ae7affected
LinuxLinux0c2204a4ad710d95d348ea006f14ba926e842ffd < 25d580a46b079a7963ff024a5195e547baf12b64affected
LinuxLinux0c2204a4ad710d95d348ea006f14ba926e842ffd < ff78ed177a66763085e3214d6fbe13ca8f0b3f11affected
LinuxLinux0c2204a4ad710d95d348ea006f14ba926e842ffd < 65932f5102bb5377db36c8a4f0c28179a1967a9aaffected
LinuxLinux0c2204a4ad710d95d348ea006f14ba926e842ffd < 154fc7fe3f62c46891c3c4302f4b5b5391c932e6affected
LinuxLinux0c2204a4ad710d95d348ea006f14ba926e842ffd < 076e4b162d6caba12c229e7f262df5b6881162b0affected
LinuxLinux0c2204a4ad710d95d348ea006f14ba926e842ffd < 68efba36446a7774ea5b971257ade049272a07acaffected
LinuxLinux5.7affected
LinuxLinux0 < 5.7unaffected
LinuxLinux5.10.259 <= 5.10.*unaffected
LinuxLinux5.15.210 <= 5.15.*unaffected
LinuxLinux6.1.176 <= 6.1.*unaffected
LinuxLinux6.6.140 <= 6.6.*unaffected
LinuxLinux6.12.86 <= 6.12.*unaffected
LinuxLinux6.18.27 <= 6.18.*unaffected
LinuxLinux7.0.4 <= 7.0.*unaffected
LinuxLinux7.1 <= *unaffected

Weaknesses

References