{"id":"CVE-2026-46208","summary":"batman-adv: stop tp_meter sessions during mesh teardown","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: stop tp_meter sessions during mesh teardown\n\nTP meter sessions remain linked on bat_priv-\u003etp_list after the netlink\nrequest has already finished. When the mesh interface is removed,\nbatadv_mesh_free() currently tears down the mesh without first draining\nthese sessions.\n\nA running sender thread or a late incoming tp_meter packet can then keep\nprocessing against a mesh instance which is already shutting down.\nSynchronize tp_meter with the mesh lifetime by stopping all active\nsessions from batadv_mesh_free() and waiting for sender threads to exit\nbefore teardown continues.","modified":"2026-07-15T01:48:58.877063228Z","published":"2026-05-28T09:40:26.341Z","related":["openSUSE-SU-2026:10954-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/46xxx/CVE-2026-46208.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/03660dab86f93319178a24667f6998526dc4355d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/268078acae72daa12b17b2b299701cb9924e469a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/26dfeee8db81354bfdade155f27f9e16510ad196"},{"type":"WEB","url":"https://git.kernel.org/stable/c/3d3cf6a7314aca4df0a6dde28ce784a2a30d0166"},{"type":"WEB","url":"https://git.kernel.org/stable/c/58943b7ea356294749dae3e75b96c0ee292c00be"},{"type":"WEB","url":"https://git.kernel.org/stable/c/5e7d0ac936354c36810e74ac3056b334ed1f4058"},{"type":"WEB","url":"https://git.kernel.org/stable/c/79bc0eaeef2c5797317bf2da8e3159a74d62ec47"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8634c1dbd73adb74d40533ebb7e914efb82e71fb"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/46xxx/CVE-2026-46208.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-46208"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"33a3bb4a3345bb511f9c69c913da95d4693e2a4e"},{"fixed":"5e7d0ac936354c36810e74ac3056b334ed1f4058"},{"fixed":"268078acae72daa12b17b2b299701cb9924e469a"},{"fixed":"58943b7ea356294749dae3e75b96c0ee292c00be"},{"fixed":"79bc0eaeef2c5797317bf2da8e3159a74d62ec47"},{"fixed":"26dfeee8db81354bfdade155f27f9e16510ad196"},{"fixed":"03660dab86f93319178a24667f6998526dc4355d"},{"fixed":"8634c1dbd73adb74d40533ebb7e914efb82e71fb"},{"fixed":"3d3cf6a7314aca4df0a6dde28ce784a2a30d0166"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46208.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"4.8.0"},{"fixed":"5.10.259"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.210"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.176"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.6.140"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.12.90"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.18.32"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.19.0"},{"fixed":"7.0.9"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46208.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}