CVE-2026-46233

medium Red Hat
EPSS Score
0.0%
Exploitation probability in 30 days
Top 95% most likely to be exploited
Published: May 28, 2026 (43 days ago)
Last Modified: May 28, 2026
Vendor: Red Hat
Source: REDHAT

Description

A flaw was found in the Linux kernel's batman-adv module. This vulnerability allows a local attacker to trigger a NULL-pointer dereference within the `batadv_bla_purge_claims()` function. This issue arises from a timing conflict when a claim is being released simultaneously, causing a critical pointer to become invalid. Successful exploitation of this flaw can lead to a system crash, resulting in a denial of service (DoS).

CWE

CWE-476

Affected Products

Red Hat Enterprise Linux 10Red Hat Enterprise Linux 6Red Hat Enterprise Linux 7Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9

References