CVE-2026-46231

high

Description

In the Linux kernel, the following vulnerability has been resolved: batman-adv: bla: put backbone reference on failed claim hash insert When batadv_bla_add_claim() fails to insert a new claim into the hash, it leaked a reference to the backbone_gw for which the claim was intended. Call batadv_backbone_gw_put() on the error path to release the reference and avoid leaking the backbone_gw object.

References

https://git.kernel.org/stable/c/fd0ca034c1e71ca7613cde9dd892836b2c2831bd

https://git.kernel.org/stable/c/ba9d20ee9076dac32c371116bacbe72480eb356c

https://git.kernel.org/stable/c/7cccf4eb4f96d3c3af91a00b7a9caa652439542e

https://git.kernel.org/stable/c/769f413d374ff2b6ff6d8d8c37b4c1178e6cdf14

https://git.kernel.org/stable/c/6c8b68a7ed667a63aa603ba4d3a7088be143007e

https://git.kernel.org/stable/c/65419eb4259a26a3cd3f56fa0e3b3c113bf8c256

https://git.kernel.org/stable/c/2888c9a154123db0254ae4fb9bea570c7e1f2e06

https://git.kernel.org/stable/c/0baf4b659cdc7305cf685b5a5d60f9e3816ab5d0

Details

Source: Mitre, NVD

Published: 2026-05-28

Updated: 2026-06-01

Risk Information

CVSS v2

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 7.1

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Severity: High

EPSS

EPSS: 0.00018