CVE-2026-46021
thermal: core: Fix thermal zone governor cleanup issues
In the Linux kernel, the following vulnerability has been resolved: thermal: core: Fix thermal zone governor cleanup issues If thermal_zone_device_register_with_trips() fails after adding a thermal governor to the thermal zone being registered, the governor is not removed from it as appropriate which may lead to a memory leak. In turn, thermal_zone_device_unregister() calls thermal_set_governor() without acquiring the thermal zone lock beforehand which may race with a governor update via sysfs and may lead to a use-after-free in that case. Address these issues by adding two thermal_set_governor() calls, one to thermal_release() to remove the governor from the given thermal zone, and one to the thermal zone registration error path to cover failures preceding the thermal zone device registration.
| Vendor | linux |
| Product | linux |
| Ecosystems | |
| Industries | Technology |
| Published | May 27, 2026 |
Get instant alerts for linux linux
Be the first to know when new unknown vulnerabilities affecting linux linux are published โ delivered to Slack, Telegram or Discord.