CVE-2026-46158

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> mptcp: pm: ADD_ADDR rtx: always decrease sk refcount<br /> <br /> When an ADD_ADDR is retransmitted, the sk is held in sk_reset_timer().<br /> It should then be released in all cases at the end.<br /> <br /> Some (unlikely) checks were returning directly instead of calling<br /> sock_put() to decrease the refcount. Jump to a new &amp;#39;exit&amp;#39; label to call<br /> __sock_put() (which will become sock_put() in the next commit) to fix<br /> this potential leak.<br /> <br /> While at it, drop the &amp;#39;!msk&amp;#39; check which cannot happen because it is<br /> never reset, and explicitly mark the remaining one as "unlikely".