CVE-2026-46137
published 2026-05-28CVE-2026-46137: In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: ADD_ADDR rtx: fix potential data-race This mptcp_pm_add_timer() helper is…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
In the Linux kernel, the following vulnerability has been resolved:
mptcp: pm: ADD_ADDR rtx: fix potential data-race
This mptcp_pm_add_timer() helper is executed as a timer callback in
softirq context. To avoid any data races, the socket lock needs to be
held with bh_lock_sock().
If the socket is in use, retry again soon after, similar to what is done
with the keepalive timer.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| linux | linux | — | — |
| linux | linux | >= 00cfd77b9063dcdf3628a7087faba60de85a9cc8 < 013dcdc1961543b9a3433466bc8c79a2f4ca75b5 | 013dcdc1961543b9a3433466bc8c79a2f4ca75b5 |
| linux | linux | >= 00cfd77b9063dcdf3628a7087faba60de85a9cc8 < 6e4710d7d8782cb61af29a7e7111ddfc38b9e1a3 | 6e4710d7d8782cb61af29a7e7111ddfc38b9e1a3 |
| linux | linux | >= 00cfd77b9063dcdf3628a7087faba60de85a9cc8 < 2ad56e434199ca24a812bb353667aa1c3860f513 | 2ad56e434199ca24a812bb353667aa1c3860f513 |
| linux | linux | >= 00cfd77b9063dcdf3628a7087faba60de85a9cc8 < cc3c0399361efaaf7ae64262eb3f70829b1189c6 | cc3c0399361efaaf7ae64262eb3f70829b1189c6 |
| linux | linux | >= 00cfd77b9063dcdf3628a7087faba60de85a9cc8 < 5cd6e0ad79d2615264f63929f8b457ad97ae550d | 5cd6e0ad79d2615264f63929f8b457ad97ae550d |
| linux | linux_kernel | — | — |