batman-adv: Avoid double-rtnl_lock ELP metric worker

MITRE NVD CVE.ORG JSON API Print: PDF PDF

Summary

CVECVE-2026-43382
StatePUBLISHED
AssignerLinux
Source PriorityCVE Program / NVD first with legacy fallback
Published2026-05-08 15:16:49 UTC
Updated2026-05-12 14:10:27 UTC
DescriptionIn the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid double-rtnl_lock ELP metric worker batadv_v_elp_get_throughput() might be called when the RTNL lock is already held. This could be problematic when the work queue item is cancelled via cancel_delayed_work_sync() in batadv_v_elp_iface_disable(). In this case, an rtnl_lock() would cause a deadlock. To avoid this, rtnl_trylock() was used in this function to skip the retrieval of the ethtool information in case the RTNL lock was already held. But for cfg80211 interfaces, batadv_get_real_netdev() was called - which also uses rtnl_lock(). The approach for __ethtool_get_link_ksettings() must also be used instead and the lockless version __batadv_get_real_netdev() has to be called.

Risk And Classification

EPSS: 0.000240000 probability, percentile 0.070360000 (date 2026-05-12)

Vendor Declared Affected Products

SourceVendorProductVersionPlatforms
CNA Linux Linux affected a0019971f340ae02ba54cf1861f72da7e03e6b66 4c3ae249431b4fcb315d7dfb4c3a13f9e443fd9b git Not specified
CNA Linux Linux affected 3c0e0aecb78cb2a2ca1dc701982d08fedb088dc6 192f40ad8a7dac58dae9199a065dbf7e6e67b75b git Not specified
CNA Linux Linux affected 781a06fd265a8151f7601122d9c2e985663828ff fa7b4edfbabdf9235b0ab4bea297fc12b3bec9ca git Not specified
CNA Linux Linux affected a7aa2317285806640c844acd4cd2cd768e395264 f3ca45673dab0514a887231de6f3243a699d5bfd git Not specified
CNA Linux Linux affected 0fdc3c166ac17b26014313fa2b93696354511b24 b7e5d8ddfdf1d6e9e0808d1adf7736a107372d77 git Not specified
CNA Linux Linux affected 8c8ecc98f5c65947b0070a24bac11e12e47cc65d 2ab9f2531d37775cd79228c1f5d80e6bd08d11d3 git Not specified
CNA Linux Linux affected 8c8ecc98f5c65947b0070a24bac11e12e47cc65d 77808fe7d03ad0062840b95f431869a8b3d88b24 git Not specified
CNA Linux Linux affected 8c8ecc98f5c65947b0070a24bac11e12e47cc65d cfc83a3c71517b59c1047db57da31e26a9dc2f33 git Not specified
CNA Linux Linux affected 1c334629176c2d644befc31a20d4bf75542f7631 git Not specified
CNA Linux Linux affected af264c2a9adc37f4bdf88ca7f3affa15d8c7de9e git Not specified
CNA Linux Linux affected 6.14 Not specified
CNA Linux Linux unaffected 6.14 semver Not specified
CNA Linux Linux unaffected 5.10.253 5.10.* semver Not specified
CNA Linux Linux unaffected 5.15.203 5.15.* semver Not specified
CNA Linux Linux unaffected 6.1.167 6.1.* semver Not specified
CNA Linux Linux unaffected 6.6.130 6.6.* semver Not specified
CNA Linux Linux unaffected 6.12.78 6.12.* semver Not specified
CNA Linux Linux unaffected 6.18.19 6.18.* semver Not specified
CNA Linux Linux unaffected 6.19.9 6.19.* semver Not specified
CNA Linux Linux unaffected 7.0 * original_commit_for_fix Not specified

References

ReferenceSourceLinkTags
git.kernel.org/stable/c/cfc83a3c71517b59c1047db57da31e26a9dc2f33 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/77808fe7d03ad0062840b95f431869a8b3d88b24 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/2ab9f2531d37775cd79228c1f5d80e6bd08d11d3 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/fa7b4edfbabdf9235b0ab4bea297fc12b3bec9ca 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/4c3ae249431b4fcb315d7dfb4c3a13f9e443fd9b 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/b7e5d8ddfdf1d6e9e0808d1adf7736a107372d77 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/192f40ad8a7dac58dae9199a065dbf7e6e67b75b 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/f3ca45673dab0514a887231de6f3243a699d5bfd 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report