CVE-2026-46180

Summary

In the Linux kernel, the following vulnerability has been resolved:

wifi: brcmfmac: Fix potential use-after-free issue when stopping watchdog task

Watchdog task might end between send_sig() and kthread_stop() calls, what results in the use-after-free issue. Fix this by increasing watchdog task reference count before calling send_sig() and dropping it by switching to kthread_stop_put().

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxa9ffda88be7416b8336f644806c2b3ed3ce08b26 < a21f735fb1017ef89c6f9dbf4d799513b4e7bd5aaffected
LinuxLinuxa9ffda88be7416b8336f644806c2b3ed3ce08b26 < df2e90d6a9955510f24f1dada78cfc439fd9fa88affected
LinuxLinuxa9ffda88be7416b8336f644806c2b3ed3ce08b26 < d616bb10de79e5c2bd8a24230a1128aeaf715615affected
LinuxLinuxa9ffda88be7416b8336f644806c2b3ed3ce08b26 < ed4168d1a50fef5be8eca947fbbf05a28507d265affected
LinuxLinuxa9ffda88be7416b8336f644806c2b3ed3ce08b26 < d16827cb1d3936f7627d0da6044483f743ebde03affected
LinuxLinuxa9ffda88be7416b8336f644806c2b3ed3ce08b26 < 658d2e46c2e9a8eb9b80c5e803ce3c89885b3366affected
LinuxLinuxa9ffda88be7416b8336f644806c2b3ed3ce08b26 < 908b92231e1ded53e43fcfad5e0704d83e1b803caffected
LinuxLinuxa9ffda88be7416b8336f644806c2b3ed3ce08b26 < c623b63580880cc742255eaed3d79804c1b91143affected
LinuxLinux3.3affected
LinuxLinux0 < 3.3unaffected
LinuxLinux5.10.259 <= 5.10.*unaffected
LinuxLinux5.15.210 <= 5.15.*unaffected
LinuxLinux6.1.176 <= 6.1.*unaffected
LinuxLinux6.6.140 <= 6.6.*unaffected
LinuxLinux6.12.88 <= 6.12.*unaffected
LinuxLinux6.18.30 <= 6.18.*unaffected
LinuxLinux7.0.7 <= 7.0.*unaffected
LinuxLinux7.1 <= *unaffected

Weaknesses

References