In the Linux kernel, the following vulnerability has been resolved: batman-adv: stop tp_meter sessions during mesh teardown TP meter sessions remain linked on bat_priv->tp_list after the netlink request has already finished. When the mesh interface is removed, batadv_mesh_free() currently tears down the mesh without first draining these sessions. A running sender thread or a late incoming tp_meter packet can then keep processing against a mesh instance which is already shutting down. Synchronize tp_meter with the mesh lifetime by stopping all active sessions from batadv_mesh_free() and waiting for sender threads to exit before teardown continues.

A flaw was found in the Linux kernel's `batman-adv` module. When a mesh interface is removed, the `batadv_mesh_free()` function does not properly stop `tp_meter` sessions. This oversight allows active `tp_meter` sender threads or late incoming packets to continue processing against a mesh instance that is in the process of shutting down. This can lead to system instability and a denial of service (DoS).

Red Hat Enterprise Linux 10 Not affected kernel Red Hat Enterprise Linux 6 Not affected kernel Red Hat Enterprise Linux 7 Not affected kernel Red Hat Enterprise Linux 7 Not affected kernel-rt Red Hat Enterprise Linux 8 Not affected kernel Red Hat Enterprise Linux 8 Not affected kernel-rt Red Hat Enterprise Linux 9 Not affected kernel Red Hat Enterprise Linux 9 Not affected kernel-rt https://www.cve.org/CVERecord?id=CVE-2026-46208 https://nvd.nist.gov/vuln/detail/CVE-2026-46208 https://lore.kernel.org/linux-cve-announce/2026052834-CVE-2026-46208-6e48@gregkh/T