Linux Kernel Vulnerability in Batman-adv Mesh Networking
CVE-2026-46206

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 28 May 2026

What is CVE-2026-46206?

A vulnerability in the batman-adv implementation of the Linux kernel allows for the improper management of tp_meter sessions during the teardown phase. This issue occurs when the mesh state transitions out of BATADV_MESH_ACTIVE, leading to the potential startup of new sender or receiver sessions, which should be prevented during this state change. Proper handling of these sessions is essential to maintain network security and stability, ensuring that inactive sessions do not interfere with active mesh networking operations.

Affected Version(s)

Linux 33a3bb4a3345bb511f9c69c913da95d4693e2a4e

References

https://git.kernel.org/stable/c/e4a3c4a4c8f6efd243c3e448c...

https://git.kernel.org/stable/c/ff93f86ecbb50a4709c403fc2...

https://git.kernel.org/stable/c/e1e2194cc725ec1d41f941249...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 28, 2026
Vulnerability Reserved
May 13, 2026

CVE-2026-46206 Data

JSON