CVE-2026-46187
Published: May 28, 2026
Modified: Jun 1, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: fix kthread lifetime race between self-exit and external-stop RSI driver use both self-exit(kthread_complete_and_exit) and external-stop (kthread_stop) when killing a kthread. Generally, kthread_stop() is called first, and in this case, no particular issues occur. However, in rare instances where kthread_complete_and_exit() is called first and then kthread_stop() is called, a UAF occurs because the kthread object, which has already exited and been freed, is accessed again. Therefore, to prevent this with minimal modification, you must remove kthread_stop() and change the code to wait until the self-exit operation is completed.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 4c62764d0fc21a34ffc44eec1210038c3a2e4473 - < 4ac3095da22fc50e51ec10c3b8323c21ab3e441aaffected 4c62764d0fc21a34ffc44eec1210038c3a2e4473 - < 9dfe8a4458a063c6433526bc59112a169eee1aa3affected 4c62764d0fc21a34ffc44eec1210038c3a2e4473 - < 4f697813162d5f9151726a6d2bee82bffe4b0256affected 4c62764d0fc21a34ffc44eec1210038c3a2e4473 - < 95fcb436586dc3c2983537d557ac05bbc6a027f3affected 4c62764d0fc21a34ffc44eec1210038c3a2e4473 - < 16d9f674c619838bdeae42abc0929c9c5477ea1f+13 more versions |
Linux | Linux | affected 4.20unaffected 0 - < 4.20unaffected 5.10.258 - <= 5.10.*unaffected 5.15.209 - <= 5.15.*unaffected 6.1.175 - <= 6.1.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now