CVE-2026-52931

In the Linux kernel, the following vulnerability has been resolved:

batman-adv: tp meter: avoid use of uninit sender vars

batadv tp recv ack() and batadv tp stop() are only valid for tp vars in the BATADV TP SENDER role. When called with a BATADV TP RECEIVER role, it proceeds to read sender-only members that were never initialized, leading to undefined behavior.

This can be triggered when a node that is currently acting as a receiver in an ongoing tp meter session receives a malicious ACK packet.

Guard against this by checking tp vars->role immediately after the lookup and bailing out if it is not BATADV TP SENDER, before any of those members are accessed.