CVE-2026-46180

Source
https://cve.org/CVERecord?id=CVE-2026-46180
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46180.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-46180
Downstream
Related
Published
2026-05-28T09:36:33.904Z
Modified
2026-07-08T08:13:41.425127875Z
Summary
wifi: brcmfmac: Fix potential use-after-free issue when stopping watchdog task
Details

In the Linux kernel, the following vulnerability has been resolved:

wifi: brcmfmac: Fix potential use-after-free issue when stopping watchdog task

Watchdog task might end between sendsig() and kthreadstop() calls, what results in the use-after-free issue. Fix this by increasing watchdog task reference count before calling sendsig() and dropping it by switching to kthreadstop_put().

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/46xxx/CVE-2026-46180.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
a9ffda88be7416b8336f644806c2b3ed3ce08b26
Fixed
a21f735fb1017ef89c6f9dbf4d799513b4e7bd5a
Fixed
df2e90d6a9955510f24f1dada78cfc439fd9fa88
Fixed
d616bb10de79e5c2bd8a24230a1128aeaf715615
Fixed
ed4168d1a50fef5be8eca947fbbf05a28507d265
Fixed
d16827cb1d3936f7627d0da6044483f743ebde03
Fixed
658d2e46c2e9a8eb9b80c5e803ce3c89885b3366
Fixed
908b92231e1ded53e43fcfad5e0704d83e1b803c
Fixed
c623b63580880cc742255eaed3d79804c1b91143

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46180.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
3.3.0
Fixed
5.10.259
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.210
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.176
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.140
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.88
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.30
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
7.0.7

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46180.json"