CVE-2026-46208

In the Linux kernel, the following vulnerability has been resolved:

batman-adv: stop tp meter sessions during mesh teardown

TP meter sessions remain linked on bat priv->tp list after the netlink request has already finished. When the mesh interface is removed, batadv mesh free() currently tears down the mesh without first draining these sessions.

A running sender thread or a late incoming tp meter packet can then keep processing against a mesh instance which is already shutting down. Synchronize tp meter with the mesh lifetime by stopping all active sessions from batadv mesh free() and waiting for sender threads to exit before teardown continues.