What is GHSA-cmf4-rm73-rfhx?

GHSA-cmf4-rm73-rfhx is a security advisory published by GitHub Security Advisories with Critical severity. In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: ADD_ADDR rtx: fix...

Which CVE IDs does GHSA-cmf4-rm73-rfhx cover?

GHSA-cmf4-rm73-rfhx covers the following CVE IDs: CVE-2026-46137. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-cmf4-rm73-rfhx?

GHSA-cmf4-rm73-rfhx has a CVSS v3 base score of 9.8, published by GitHub Security Advisories.

GHSA-cmf4-rm73-rfhxCriticalCVSS 9.8

In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: ADD_ADDR rtx: fix...

Vendor

GitHub Security Advisories

Published

May 28, 2026

Last Modified

May 30, 2026

🔗 CVE IDs covered (1)

CVE-2026-46137 →

📋 Description

In the Linux kernel, the following vulnerability has been resolved:

mptcp: pm: ADD_ADDR rtx: fix potential data-race

This mptcp_pm_add_timer() helper is executed as a timer callback in softirq context. To avoid any data races, the socket lock needs to be held with bh_lock_sock().

If the socket is in use, retry again soon after, similar to what is done with the keepalive timer.

🔗 References (7)

https://nvd.nist.gov/vuln/detail/CVE-2026-46137
https://git.kernel.org/stable/c/013dcdc1961543b9a3433466bc8c79a2f4ca75b5
https://git.kernel.org/stable/c/2ad56e434199ca24a812bb353667aa1c3860f513
https://git.kernel.org/stable/c/5cd6e0ad79d2615264f63929f8b457ad97ae550d
https://git.kernel.org/stable/c/6e4710d7d8782cb61af29a7e7111ddfc38b9e1a3
https://git.kernel.org/stable/c/cc3c0399361efaaf7ae64262eb3f70829b1189c6
https://github.com/advisories/GHSA-cmf4-rm73-rfhx