CVE-2026-43382
Published: May 8, 2026
Modified: May 23, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid double-rtnl_lock ELP metric worker batadv_v_elp_get_throughput() might be called when the RTNL lock is already held. This could be problematic when the work queue item is cancelled via cancel_delayed_work_sync() in batadv_v_elp_iface_disable(). In this case, an rtnl_lock() would cause a deadlock. To avoid this, rtnl_trylock() was used in this function to skip the retrieval of the ethtool information in case the RTNL lock was already held. But for cfg80211 interfaces, batadv_get_real_netdev() was called - which also uses rtnl_lock(). The approach for __ethtool_get_link_ksettings() must also be used instead and the lockless version __batadv_get_real_netdev() has to be called.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected a0019971f340ae02ba54cf1861f72da7e03e6b66 - < 4c3ae249431b4fcb315d7dfb4c3a13f9e443fd9baffected 3c0e0aecb78cb2a2ca1dc701982d08fedb088dc6 - < 192f40ad8a7dac58dae9199a065dbf7e6e67b75baffected 781a06fd265a8151f7601122d9c2e985663828ff - < fa7b4edfbabdf9235b0ab4bea297fc12b3bec9caaffected a7aa2317285806640c844acd4cd2cd768e395264 - < f3ca45673dab0514a887231de6f3243a699d5bfdaffected 0fdc3c166ac17b26014313fa2b93696354511b24 - < b7e5d8ddfdf1d6e9e0808d1adf7736a107372d77+12 more versions |
Linux | Linux | affected 6.14unaffected 0 - < 6.14unaffected 5.10.253 - <= 5.10.*unaffected 5.15.203 - <= 5.15.*unaffected 6.1.167 - <= 6.1.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now