CVE-2026-46038

MEDIUM EPSS 2.4%
Published May 27, 20261mo ago · Modified Jun 19, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published May 27, 2026 1mo ago
Last Modified Jun 19, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Free the node during ctrl_cmd_bye() A node sends the BYE packet when it is about to go down. So the nameserver should advertise the removal of the node to all remote and local observers and free the node finally. But currently, the nameserver doesn't free the node memory even after processing the BYE packet. This causes the node memory to leak. Hence, remove the node from Xarray list and free the node memory during both success and failure case of ctrl_cmd_bye().

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
2.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-401

Affected Products 4

VendorProductVersionRange
linuxlinux_kernel*≥5.7  –  <6.6.140
linuxlinux_kernel*≥6.7  –  <6.12.86
linuxlinux_kernel*≥6.13  –  <6.18.27
linuxlinux_kernel*≥6.19  –  <7.0.4

References 8

  • git.kernel.org https://git.kernel.org/stable/c/076e4b162d6caba12c229e7f262df5b6881162b0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/154fc7fe3f62c46891c3c4302f4b5b5391c932e6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/25d580a46b079a7963ff024a5195e547baf12b64
  • git.kernel.org https://git.kernel.org/stable/c/65932f5102bb5377db36c8a4f0c28179a1967a9a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/68efba36446a7774ea5b971257ade049272a07ac
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6c9cca46acb6f22e63f015ea7b2ed6032d2badf5
  • git.kernel.org https://git.kernel.org/stable/c/a5a454f3364877b22f0e5a165df8b3702ff96ae7
  • git.kernel.org https://git.kernel.org/stable/c/ff78ed177a66763085e3214d6fbe13ca8f0b3f11
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/076e4b162d6caba12c229e7f262df5b6881162b0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/154fc7fe3f62c46891c3c4302f4b5b5391c932e6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/65932f5102bb5377db36c8a4f0c28179a1967a9a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/68efba36446a7774ea5b971257ade049272a07ac
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ff78ed177a66763085e3214d6fbe13ca8f0b3f11
    Patch