CVE Catalog

CVE-2026-46231

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.01%

2th percentile - higher than 2% of all known CVEs

Summary

A vulnerability has been identified in the Linux kernel within the batman-adv module, which involves leaking a reference to the backbone_gw object when failing to add a new claim to the hash.

Risk Assessment

The reference leak may lead to uncontrolled memory consumption, potentially affecting system stability in the long run.

Recommendation

It is recommended to update the Linux kernel to the latest version to eliminate this vulnerability and ensure proper reference management.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: batman-adv: bla: put backbone reference on failed claim hash insert When batadv_bla_add_claim() fails to insert a new claim into the hash, it leaked a reference to the backbone_gw for which the claim was intended. Call batadv_backbone_gw_put() on the error path to release the reference and avoid leaking the backbone_gw object.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS