CVE-2026-46208
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
batman-adv: stop tp_meter sessions during mesh teardown
TP meter sessions remain linked on bat_priv->tp_list after the netlink request has already finished. When the mesh interface is removed, batadv_mesh_free() currently tears down the mesh without first draining these sessions.
A running sender thread or a late incoming tp_meter packet can then keep processing against a mesh instance which is already shutting down. Synchronize tp_meter with the mesh lifetime by stopping all active sessions from batadv_mesh_free() and waiting for sender threads to exit before teardown continues.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 33a3bb4a3345bb511f9c69c913da95d4693e2a4e < 5e7d0ac936354c36810e74ac3056b334ed1f4058 | affected |
| Linux | Linux | 33a3bb4a3345bb511f9c69c913da95d4693e2a4e < 268078acae72daa12b17b2b299701cb9924e469a | affected |
| Linux | Linux | 33a3bb4a3345bb511f9c69c913da95d4693e2a4e < 58943b7ea356294749dae3e75b96c0ee292c00be | affected |
| Linux | Linux | 33a3bb4a3345bb511f9c69c913da95d4693e2a4e < 79bc0eaeef2c5797317bf2da8e3159a74d62ec47 | affected |
| Linux | Linux | 33a3bb4a3345bb511f9c69c913da95d4693e2a4e < 26dfeee8db81354bfdade155f27f9e16510ad196 | affected |
| Linux | Linux | 33a3bb4a3345bb511f9c69c913da95d4693e2a4e < 03660dab86f93319178a24667f6998526dc4355d | affected |
| Linux | Linux | 33a3bb4a3345bb511f9c69c913da95d4693e2a4e < 8634c1dbd73adb74d40533ebb7e914efb82e71fb | affected |
| Linux | Linux | 33a3bb4a3345bb511f9c69c913da95d4693e2a4e < 3d3cf6a7314aca4df0a6dde28ce784a2a30d0166 | affected |
| Linux | Linux | 4.8 | affected |
| Linux | Linux | 0 < 4.8 | unaffected |
| Linux | Linux | 5.10.259 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.210 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.176 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.140 <= 6.6.* | unaffected |
| Linux | Linux | 6.12.90 <= 6.12.* | unaffected |
| Linux | Linux | 6.18.32 <= 6.18.* | unaffected |
| Linux | Linux | 7.0.9 <= 7.0.* | unaffected |
| Linux | Linux | 7.1 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/5e7d0ac936354c36810e74ac3056b334ed1f4058
- https://git.kernel.org/stable/c/268078acae72daa12b17b2b299701cb9924e469a
- https://git.kernel.org/stable/c/58943b7ea356294749dae3e75b96c0ee292c00be
- https://git.kernel.org/stable/c/79bc0eaeef2c5797317bf2da8e3159a74d62ec47
- https://git.kernel.org/stable/c/26dfeee8db81354bfdade155f27f9e16510ad196
- https://git.kernel.org/stable/c/03660dab86f93319178a24667f6998526dc4355d
- https://git.kernel.org/stable/c/8634c1dbd73adb74d40533ebb7e914efb82e71fb
- https://git.kernel.org/stable/c/3d3cf6a7314aca4df0a6dde28ce784a2a30d0166
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.