Linux Kernel Mesh Interface Vulnerability Affects batman-adv
CVE-2026-46208

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 28 May 2026

What is CVE-2026-46208?

A vulnerability in the batman-adv module of the Linux kernel allows tp_meter sessions to remain active even after a mesh interface is being torn down. This situation can cause processing to continue on sessions that are no longer valid, posing significant risks during the cleanup process. The affected module now synchronizes tp_meter operations with the mesh interface lifecycle, ensuring that all active sessions are stopped, and their corresponding threads are safely exited before the teardown proceeds. This update enhances the robustness of mesh networks operating under batman-adv by preventing potential race conditions and ensuring complete shutdown of resources.

Affected Version(s)

Linux 33a3bb4a3345bb511f9c69c913da95d4693e2a4e < 79bc0eaeef2c5797317bf2da8e3159a74d62ec47

Linux 33a3bb4a3345bb511f9c69c913da95d4693e2a4e < 26dfeee8db81354bfdade155f27f9e16510ad196

Linux 33a3bb4a3345bb511f9c69c913da95d4693e2a4e < 03660dab86f93319178a24667f6998526dc4355d

References

https://git.kernel.org/stable/c/79bc0eaeef2c5797317bf2da8...

https://git.kernel.org/stable/c/26dfeee8db81354bfdade155f...

https://git.kernel.org/stable/c/03660dab86f93319178a24667...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 28, 2026
Vulnerability Reserved
May 13, 2026

CVE-2026-46208 Data

JSON