Linux Kernel brcmfmac Watchdog UAF on Stop
CVE-2026-46180 Published on May 28, 2026
wifi: brcmfmac: Fix potential use-after-free issue when stopping watchdog task
In the Linux kernel, the following vulnerability has been resolved:
wifi: brcmfmac: Fix potential use-after-free issue when stopping watchdog task
Watchdog task might end between send_sig() and kthread_stop() calls, what
results in the use-after-free issue. Fix this by increasing watchdog task
reference count before calling send_sig() and dropping it by switching to
kthread_stop_put().
Products Associated with CVE-2026-46180
Want to know whenever a new CVE is published for Linux Kernel? stack.watch will email you.
Affected Versions
Linux:- Version a9ffda88be7416b8336f644806c2b3ed3ce08b26 and below ed4168d1a50fef5be8eca947fbbf05a28507d265 is affected.
- Version a9ffda88be7416b8336f644806c2b3ed3ce08b26 and below d16827cb1d3936f7627d0da6044483f743ebde03 is affected.
- Version a9ffda88be7416b8336f644806c2b3ed3ce08b26 and below 658d2e46c2e9a8eb9b80c5e803ce3c89885b3366 is affected.
- Version a9ffda88be7416b8336f644806c2b3ed3ce08b26 and below 908b92231e1ded53e43fcfad5e0704d83e1b803c is affected.
- Version a9ffda88be7416b8336f644806c2b3ed3ce08b26 and below c623b63580880cc742255eaed3d79804c1b91143 is affected.
- Version 3.3 is affected.
- Before 3.3 is unaffected.
- Version 6.6.140, <= 6.6.* is unaffected.
- Version 6.12.88, <= 6.12.* is unaffected.
- Version 6.18.30, <= 6.18.* is unaffected.
- Version 7.0.7, <= 7.0.* is unaffected.
- Version 7.1-rc3, <= * is unaffected.