Reference Leak in Linux Kernel's batman-adv Component
CVE-2026-46231

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 28 May 2026

What is CVE-2026-46231?

This vulnerability in the batman-adv module of the Linux kernel occurs when the batadv_bla_add_claim() function fails to insert a claim into the hash. In such cases, a reference to the backbone gateway intended for the claim is leaked, which can lead to improper memory management. The recommended action in the error handling path is to call batadv_backbone_gw_put() to correctly release the reference and prevent memory leaks related to the backbone_gw object.

Affected Version(s)

Linux 3db0decf1185357d6ab2256d0dede1ca9efda03d < 65419eb4259a26a3cd3f56fa0e3b3c113bf8c256

Linux 3db0decf1185357d6ab2256d0dede1ca9efda03d

Linux 3db0decf1185357d6ab2256d0dede1ca9efda03d < 0baf4b659cdc7305cf685b5a5d60f9e3816ab5d0

References

https://git.kernel.org/stable/c/65419eb4259a26a3cd3f56fa0...

https://git.kernel.org/stable/c/fd0ca034c1e71ca7613cde9dd...

https://git.kernel.org/stable/c/0baf4b659cdc7305cf685b5a5...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 28, 2026
Vulnerability Reserved
May 13, 2026

CVE-2026-46231 Data

JSON