CVE-2026-53326 (GCVE-0-2026-53326)

Vulnerability from cvelistv5 – Published: 2026-07-01 13:32 – Updated: 2026-07-01 13:32
VLAI
Title
debugobjects: Don't call fill_pool() in early boot hardirq context
Summary
In the Linux kernel, the following vulnerability has been resolved: debugobjects: Don't call fill_pool() in early boot hardirq context When booting a debug PREEMPT_RT kernel on an ARM64 system, a "inconsistent {HARDIRQ-ON-W} -> {IN-HARDIRQ-W} usage" lockdep warning message was reported to the console. During early boot, interrupts are enabled before the scheduler is enabled. In this window (before SYSTEM_SCHEDULING is set) interrupts can fire and in the hard interrupt context handler attempt to fill the pool This can lead to a deadlock when the interrupt occurred when the interrupt hits a region which holds a lock that is required to be taken in the allocation path. Add a new can_fill_pool() helper and reorder the exception rule and forbid this scenario by excluding allocations from hard interrupt context.
Severity
No CVSS data available.
Assigner
Impacted products
Vendor Product Version
Linux Linux Affected: a460935022f512e167b4c5d4c12d85f89ba6aabd , < 44b8b03a9fb5c575548fc72c674653d6baba142a (git)
Affected: 06e0ae988f6e3499785c407429953ade19c1096b , < 7bc71bdb1c1526c7f02a6adab324394ff1327b0a (git)
Affected: 06e0ae988f6e3499785c407429953ade19c1096b , < 0d046ae106255cba5eb83b23f78ee93f3620247d (git)
Create a notification for this product.
Linux Linux Affected: 6.19
Unaffected: 0 , < 6.19 (semver)
Unaffected: 7.0.13 , ≤ 7.0.* (semver)
Unaffected: 7.1 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "lib/debugobjects.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "44b8b03a9fb5c575548fc72c674653d6baba142a",
              "status": "affected",
              "version": "a460935022f512e167b4c5d4c12d85f89ba6aabd",
              "versionType": "git"
            },
            {
              "lessThan": "7bc71bdb1c1526c7f02a6adab324394ff1327b0a",
              "status": "affected",
              "version": "06e0ae988f6e3499785c407429953ade19c1096b",
              "versionType": "git"
            },
            {
              "lessThan": "0d046ae106255cba5eb83b23f78ee93f3620247d",
              "status": "affected",
              "version": "06e0ae988f6e3499785c407429953ade19c1096b",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "lib/debugobjects.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.19"
            },
            {
              "lessThan": "6.19",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.*",
              "status": "unaffected",
              "version": "7.0.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "7.1",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "7.0.13",
                  "versionStartIncluding": "6.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "7.1",
                  "versionStartIncluding": "6.19",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndebugobjects: Don\u0027t call fill_pool() in early boot hardirq context\n\nWhen booting a debug PREEMPT_RT kernel on an ARM64 system, a \"inconsistent\n{HARDIRQ-ON-W} -\u003e {IN-HARDIRQ-W} usage\" lockdep warning message was\nreported to the console.\n\nDuring early boot, interrupts are enabled before the scheduler is\nenabled. In this window (before SYSTEM_SCHEDULING is set) interrupts can\nfire and in the hard interrupt context handler attempt to fill the pool\n\nThis can lead to a deadlock when the interrupt occurred when the interrupt\nhits a region which holds a lock that is required to be taken in the\nallocation path.\n\nAdd a new can_fill_pool() helper and reorder the exception rule and forbid\nthis scenario by excluding allocations from hard interrupt context."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-01T13:32:12.924Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/44b8b03a9fb5c575548fc72c674653d6baba142a"
        },
        {
          "url": "https://git.kernel.org/stable/c/7bc71bdb1c1526c7f02a6adab324394ff1327b0a"
        },
        {
          "url": "https://git.kernel.org/stable/c/0d046ae106255cba5eb83b23f78ee93f3620247d"
        }
      ],
      "title": "debugobjects: Don\u0027t call fill_pool() in early boot hardirq context",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2026-53326",
    "datePublished": "2026-07-01T13:32:12.924Z",
    "dateReserved": "2026-06-09T07:44:35.398Z",
    "dateUpdated": "2026-07-01T13:32:12.924Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-53326",
      "date": "2026-07-02",
      "epss": "0.00166",
      "percentile": "0.06152"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-53326\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2026-07-01T14:16:40.443\",\"lastModified\":\"2026-07-01T14:16:40.443\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\ndebugobjects: Don\u0027t call fill_pool() in early boot hardirq context\\n\\nWhen booting a debug PREEMPT_RT kernel on an ARM64 system, a \\\"inconsistent\\n{HARDIRQ-ON-W} -\u003e {IN-HARDIRQ-W} usage\\\" lockdep warning message was\\nreported to the console.\\n\\nDuring early boot, interrupts are enabled before the scheduler is\\nenabled. In this window (before SYSTEM_SCHEDULING is set) interrupts can\\nfire and in the hard interrupt context handler attempt to fill the pool\\n\\nThis can lead to a deadlock when the interrupt occurred when the interrupt\\nhits a region which holds a lock that is required to be taken in the\\nallocation path.\\n\\nAdd a new can_fill_pool() helper and reorder the exception rule and forbid\\nthis scenario by excluding allocations from hard interrupt context.\"}],\"affected\":[{\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"affectedData\":[{\"vendor\":\"Linux\",\"product\":\"Linux\",\"defaultStatus\":\"unaffected\",\"programFiles\":[\"lib/debugobjects.c\"],\"repo\":\"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\",\"versions\":[{\"version\":\"a460935022f512e167b4c5d4c12d85f89ba6aabd\",\"lessThan\":\"44b8b03a9fb5c575548fc72c674653d6baba142a\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"06e0ae988f6e3499785c407429953ade19c1096b\",\"lessThan\":\"7bc71bdb1c1526c7f02a6adab324394ff1327b0a\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"06e0ae988f6e3499785c407429953ade19c1096b\",\"lessThan\":\"0d046ae106255cba5eb83b23f78ee93f3620247d\",\"versionType\":\"git\",\"status\":\"affected\"}]},{\"vendor\":\"Linux\",\"product\":\"Linux\",\"defaultStatus\":\"affected\",\"programFiles\":[\"lib/debugobjects.c\"],\"repo\":\"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\",\"versions\":[{\"version\":\"6.19\",\"status\":\"affected\"},{\"version\":\"0\",\"lessThan\":\"6.19\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"7.0.13\",\"lessThanOrEqual\":\"7.0.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"7.1\",\"lessThanOrEqual\":\"*\",\"versionType\":\"original_commit_for_fix\",\"status\":\"unaffected\"}]}]}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/0d046ae106255cba5eb83b23f78ee93f3620247d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/44b8b03a9fb5c575548fc72c674653d6baba142a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/7bc71bdb1c1526c7f02a6adab324394ff1327b0a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…