PatchSiren

CVE-2026-46021 Linux CVE debrief

This CVE addresses two related vulnerabilities in the Linux kernel thermal management subsystem. The first issue involves a memory leak that occurs when thermal_zone_device_register_with_trips() fails after adding a thermal governor to a thermal zone—the governor is not properly removed during error cleanup. The second issue is a race condition in thermal_zone_device_unregister(), which calls thermal_set_governor() without holding the thermal zone lock, potentially racing with governor updates via sysfs and leading to use-after-free conditions. The fix adds proper thermal_set_governor() calls in both thermal_release() for cleanup and in the registration error path to handle failures before device registration completes.

Vendor: Linux
Product: Unknown
CVSS: Unknown
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-27
Original CVE updated: 2026-05-27
Advisory published: 2026-05-27
Advisory updated: 2026-05-27

Who should care

Linux system administrators managing thermal-sensitive workloads, kernel maintainers, and security teams monitoring kernel-level memory safety issues.

Technical summary

The vulnerability exists in the Linux kernel thermal core subsystem. The first flaw is a memory leak occurring when thermal_zone_device_register_with_trips() fails after governor attachment but before registration completion, leaving the governor reference uncleared. The second flaw is a locking deficiency where thermal_zone_device_unregister() invokes thermal_set_governor() without acquiring the thermal zone mutex, creating a race window with concurrent sysfs governor updates that could result in use-after-free memory corruption. The resolution adds defensive thermal_set_governor() invocations in thermal_release() for proper governor detachment and in the registration error path for pre-registration failure cleanup.

Defensive priority

medium

Recommended defensive actions

  • Apply kernel updates containing the referenced stable commits when available from your Linux distribution
  • Monitor vendor security advisories for kernel package updates addressing this thermal subsystem fix
  • Review systems utilizing thermal zone management for unusual memory consumption patterns
  • Ensure thermal governor configurations via sysfs are performed during maintenance windows to minimize race condition exposure
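
To support the sysfs-related actions above, the following added example (not part of the CVE record or the kernel fix) inventories each thermal zone's governor and flags policy files that group or other can write. It assumes the standard thermal sysfs layout (thermal_zone*/policy and type) and a stat that supports -c; the function name and the optional root-directory argument are hypothetical.

```shell
#!/bin/sh
# Added example: audit who can change thermal governors through sysfs.
# Assumption: standard layout under /sys/class/thermal and a stat with -c.

# audit_thermal_policy [ROOT]
# Prints one line per thermal zone with its type, current governor, and the
# mode and owner uid of its policy file. Returns 1 if any policy file is
# writable by group or other, 0 otherwise (including when no zones exist).
audit_thermal_policy() {
    root="${1:-/sys/class/thermal}"
    rc=0
    for policy in "$root"/thermal_zone*/policy; do
        # An unmatched glob stays literal; skip it when no zones exist.
        [ -e "$policy" ] || continue
        zone_dir=$(dirname "$policy")
        zone=$(basename "$zone_dir")
        ztype=$(cat "$zone_dir/type" 2>/dev/null || echo unknown)
        governor=$(cat "$policy" 2>/dev/null || echo unreadable)
        # -L follows symlinks, since class entries link into /sys/devices.
        mode=$(stat -L -c '%a' "$policy")
        uid=$(stat -L -c '%u' "$policy")
        status=ok
        # Octal digits 2, 3, 6 and 7 carry the write bit. The first pattern
        # tests the group digit, the second tests the other digit.
        case "$mode" in
            *[2367]?|*[2367]) status=WRITABLE_BY_NON_OWNER; rc=1 ;;
        esac
        printf '%s type=%s governor=%s mode=%s uid=%s %s\n' \
            "$zone" "$ztype" "$governor" "$mode" "$uid" "$status"
    done
    return "$rc"
}
```

Source the file and call audit_thermal_policy with no argument to check the live system; any flagged zone means governor changes are not limited to the file's owner.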

Evidence notes

The vulnerability description is sourced from the official CVE record and NVD entry. The fix involves kernel-level changes to thermal zone governor management with commits referenced in the source material. No CVSS score has been assigned as of the CVE publication date.

Official resources

2026-05-27