In the Linux kernel, the following vulnerability has been resolved:
batman-adv: v: stop OGMv2 on disabled interface
When a batadvhardiface is disabled, its meshiface pointer is set to NULL. However, batadvvogmsendmeshif() may still dispatch OGMs via batadvvogmqueueonif() for interfaces that have since lost their meshiface association. This results in a NULL pointer dereference when batadvvogmqueueonif() unconditionally calls netdevpriv() on the now NULL hardiface->meshiface to retrieve the batadvpriv.
It is necessary to ensure that the batadvvogmqueueonif() checks that it is using the same meshiface for which batadvvogmsendmeshif() was called.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/52xxx/CVE-2026-52913.json",
"cna_assigner": "Linux"
}