Back to VulnFeed / CVE-2026-46238
root@hackertop:~/vulnfeed/CVE-2026-46238#
CVE-2026-46238 MEDIUM CVE ⚠ Unpatched · Zero-day◉ PoC 公开 Lifecycle 4/7

Linux Kernel up to 7.1-rc3 batman-adv neigh_node state issue

Kernel 2026-05-28 Impact pending confirmation
LIFECYCLE
5.3 CVSS
Vulnerability Detail Mitigation Lifecycle CVSS Assessment
Vulnerability Description
A vulnerability has been found in Linux Kernel up to 6.6.139/6.12.89/6.18.31/7.0.8/7.1-rc3 (Operating System) and classified as critical. Affected by this vulnerability is the function neigh_node of the component batman-adv. Upgrading to version 6.6.140, 6.12.90, 6.18.32, 7.0.9 or 7.1-rc4 eliminates this vulnerability. Applying the patch aafcbaf1159ea224528ca4075d0ba8c10ef374af/6e20700f8c524ac379ba8274ff5d453023b7c006/09dc0d1a12222ffca6481916eab3cfea477b9620/67bceeb22207f1f5a402973a3a0809e5f2698f38/f03e8583532941b07761c5429de7d50766fa3110 is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.
Root Cause Analysis
The CWE definition for the vulnerability is CWE-371.

Impact: As an impact it is known to affect confidentiality, integrity, and availability.

Countermeasure: Upgrading to version 6.6.140, 6.12.90, 6.18.32, 7.0.9 or 7.1-rc4 eliminates this vulnerability. Applying the patch aafcbaf1159ea224528ca4075d0ba8c10ef374af/6e20700f8c524ac379ba8274ff5d453023b7c006/09dc0d1a12222ffca6481916eab3cfea477b9620/67bceeb22207f1f5a402973a3a0809e5f2698f38/f03e8583532941b07761c5429de7d50766fa3110 is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.
Validation (PoC/EXP) - Looking for Contributors
No public PoC yet

Public validation traces already exist. Community contributors can extend them with richer reproduction content.

Contribute Your PoC/EXP
Log in to contribute PoC/EXP content. Log in
Back to VulnFeed
CVE-2026-46238 · CVSS 5.3 · Active Threat