CVE-2026-46038 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Free the node during ctrl_cmd_bye() A node sends the BYE packet when it is about to go down. So the nameserver should advertise the removal of the node to all remote and local observers and free the node finally. But currently, the nameserver doesn't free the node memory even after processing the BYE packet. This causes the node memory to leak. Hence, remove the node from Xarray list and free the node memory during both success and failure case of ctrl_cmd_bye().

PUBLISHED Reserved 2026-05-13 | Published 2026-05-27 | Updated 2026-05-27 | Assigner Linux

Product status

Default status

unaffected

0c2204a4ad710d95d348ea006f14ba926e842ffd (git) before ff78ed177a66763085e3214d6fbe13ca8f0b3f11

affected

0c2204a4ad710d95d348ea006f14ba926e842ffd (git) before 65932f5102bb5377db36c8a4f0c28179a1967a9a

affected

0c2204a4ad710d95d348ea006f14ba926e842ffd (git) before 154fc7fe3f62c46891c3c4302f4b5b5391c932e6

affected

0c2204a4ad710d95d348ea006f14ba926e842ffd (git) before 076e4b162d6caba12c229e7f262df5b6881162b0

affected

0c2204a4ad710d95d348ea006f14ba926e842ffd (git) before 68efba36446a7774ea5b971257ade049272a07ac

affected

Default status

affected

5.7

affected

Any version before 5.7

unaffected

6.6.140 (semver)

unaffected

6.12.86 (semver)

unaffected

6.18.27 (semver)

unaffected

7.0.4 (semver)

unaffected

7.1-rc1 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/ff78ed177a66763085e3214d6fbe13ca8f0b3f11

git.kernel.org/...c/65932f5102bb5377db36c8a4f0c28179a1967a9a

git.kernel.org/...c/154fc7fe3f62c46891c3c4302f4b5b5391c932e6

git.kernel.org/...c/076e4b162d6caba12c229e7f262df5b6881162b0

git.kernel.org/...c/68efba36446a7774ea5b971257ade049272a07ac

cve.org (CVE-2026-46038)

nvd.nist.gov (CVE-2026-46038)

Download JSON

help @ threatint.eu