CVE-2026-46021

Published: Mag 27, 2026 Last Modified: Mag 27, 2026

ExploitDB:

Other exploit source:

Google Dorks:

Description

AI Translation Available

In the Linux kernel, the following vulnerability has been resolved:

thermal: core: Fix thermal zone governor cleanup issues

If thermal_zone_device_register_with_trips() fails after adding
a thermal governor to the thermal zone being registered, the
governor is not removed from it as appropriate which may lead to
a memory leak.

In turn, thermal_zone_device_unregister() calls thermal_set_governor()
without acquiring the thermal zone lock beforehand which may race with
a governor update via sysfs and may lead to a use-after-free in that
case.

Address these issues by adding two thermal_set_governor() calls, one to
thermal_release() to remove the governor from the given thermal zone,
and one to the thermal zone registration error path to cover failures
preceding the thermal zone device registration.

https://git.kernel.org/stable/c/37a430a2d4e66ec8238da6c7f7e…

https://git.kernel.org/stable/c/37a430a2d4e66ec8238da6c7f7e48809bf265e13

https://git.kernel.org/stable/c/41ff66baf81c6541f4f985dd7ea…

https://git.kernel.org/stable/c/41ff66baf81c6541f4f985dd7eac4494d03d9440

https://git.kernel.org/stable/c/64d4ebf91d082034bbc5ae3ba2d…

https://git.kernel.org/stable/c/64d4ebf91d082034bbc5ae3ba2d7fd800bc02d06

https://git.kernel.org/stable/c/75f8f3c3e09122270986de9d7aa…

https://git.kernel.org/stable/c/75f8f3c3e09122270986de9d7aa347d701676761

https://git.kernel.org/stable/c/f412e541d25a3dfaf3d53e012ad…

https://git.kernel.org/stable/c/f412e541d25a3dfaf3d53e012ade6ff03cae8a45

CVE-2026-46021

Description

Iscriviti alla newsletter