CVE-2026-46212
Use-After-Free in Linux Kernel batman-adv BLA
Publication date: 2026-05-28
Last updated on: 2026-05-28
Assigner: kernel.org
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's batman-adv component, specifically in the bla (batadv_bla) module. It involves a use-after-free issue when deleting claims related to a backbone. The function batadv_bla_del_backbone_claims() removes all claims for a backbone by dropping a link entry in a hash list. However, this list entry is also a reference that must be released properly using batadv_claim_put(). If batadv_claim_put() is called too early, before the last access to the claim object, the claim might be freed prematurely by batadv_claim_release(), leading to a use-after-free condition.
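The ordering problem described above, as an added userspace model in C. It is not the kernel's batman-adv code and is not taken from this page's source; the struct and function names are hypothetical, and a `released` flag stands in for the actual free so the late access can be observed safely.

```c
/* Added illustration: a userspace model, NOT the kernel's batman-adv code.
 * All names (toy_claim, toy_claim_put, ...) are hypothetical. */
#include <stdio.h>

struct toy_claim {
    int refcount;   /* the hash-list entry holds one reference */
    int released;   /* set where the kernel would free the object */
    int vid;        /* a field read while deleting the claim */
};

/* Drop one reference; on the last one, "release" the object. A flag stands
 * in for the real free so the late access below is detectable, not UB. */
static void toy_claim_put(struct toy_claim *c)
{
    if (--c->refcount == 0)
        c->released = 1;
}

/* Read a field; returns 1 if the object was already released (a UAF). */
static int toy_claim_access(const struct toy_claim *c, int *vid_out)
{
    *vid_out = c->vid;
    return c->released;
}

/* Unsafe ordering: put the list reference first, then touch the claim. */
int del_claim_put_first(struct toy_claim *c)
{
    int vid;
    toy_claim_put(c);
    return toy_claim_access(c, &vid);
}

/* Safe ordering: finish the last access, then drop the list reference. */
int del_claim_put_last(struct toy_claim *c)
{
    int vid;
    int stale = toy_claim_access(c, &vid);
    toy_claim_put(c);
    return stale;
}

int main(void)
{
    struct toy_claim a = { 1, 0, 7 }, b = { 1, 0, 7 };
    printf("put first: stale access = %d\n", del_claim_put_first(&a));
    printf("put last:  stale access = %d\n", del_claim_put_last(&b));
    return 0;
}
```

In this model, the put-first ordering reports no stale access when another reference is still held (a starting refcount of 2), so the fault only shows when the list entry holds the last reference.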
How can this vulnerability impact me?
A use-after-free vulnerability can lead to undefined behavior in the kernel, including potential system crashes, data corruption, or security issues such as privilege escalation or arbitrary code execution. In this specific case, improper handling of claim objects in the batman-adv module could cause instability or exploitation opportunities within the Linux kernel networking stack.