CVE-2026-43382

MEDIUM

batman-adv: Avoid double-rtnl_lock ELP metric worker

Title source: cna
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid double-rtnl_lock ELP metric worker batadv_v_elp_get_throughput() might be called when the RTNL lock is already held. This could be problematic when the work queue item is cancelled via cancel_delayed_work_sync() in batadv_v_elp_iface_disable(). In this case, an rtnl_lock() would cause a deadlock. To avoid this, rtnl_trylock() was used in this function to skip the retrieval of the ethtool information in case the RTNL lock was already held. But for cfg80211 interfaces, batadv_get_real_netdev() was called - which also uses rtnl_lock(). The approach for __ethtool_get_link_ksettings() must also be used instead and the lockless version __batadv_get_real_netdev() has to be called.

Scores

CVSS v3 5.5
EPSS 0.0009
EPSS Percentile 0.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-667
Status published
Products (37)
linux/Kernel < 5.10.253linux
linux/Kernel 5.11.0 - 5.15.203linux
linux/Kernel 5.16.0 - 6.1.167linux
linux/Kernel 6.13.0 - 6.18.19linux
linux/Kernel 6.14.0 - 6.19.9linux
linux/Kernel 6.2.0 - 6.6.130linux
linux/Kernel 6.7.0 - 6.12.78linux
Linux/Linux < 6.14
Linux/Linux 0fdc3c166ac17b26014313fa2b93696354511b24 - b7e5d8ddfdf1d6e9e0808d1adf7736a107372d77
Linux/Linux 1c334629176c2d644befc31a20d4bf75542f7631
... and 27 more
Published May 08, 2026
Tracked Since May 08, 2026