CVE-2026-46137

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A data race exists in the Multipath TCP (MPTCP) implementation. The mptcp pm add timer() helper function, which operates as a timer callback in softirq context, fails to properly hold the socket lock using bh lock sock(). This can lead to synchronization issues when the socket is in use.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.