CVE-2026-46208EPSS p3.5%
CVE-2026-46208CVE-2026-46208
linux / linux_kernel
Description
In the Linux kernel, the following vulnerability has been resolved:
batman-adv: stop tp_meter sessions during mesh teardown
TP meter sessions remain linked on bat_priv->tp_list after the netlink
request has already finished. When the mesh interface is removed,
batadv_mesh_free() currently tears down the mesh without first draining
these sessions.
A running sender thread or a late incoming tp_meter packet can then keep
processing against a mesh instance which is already shutting down.
Synchronize tp_meter with the mesh lifetime by stopping all active
sessions from batadv_mesh_free() and waiting for sender threads to exit
before teardown continues.
Scoring
| CVSS | 7.8 () |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| EPSS | 0.14% probability of exploitation · percentile 3.5% · 2026-06-19T12:03:05Z |
| Last modified | 2026-06-10 |
Related by meaning· 6
Nearest entities by semantic similarity across the cs-graph corpus.