Description
In the Linux kernel, the following vulnerability has been resolved:

blk-wbt: remove WARN_ON_ONCE from wbt_init_enable_default()

wbt_init_enable_default() uses WARN_ON_ONCE to check for failures from
wbt_alloc() and wbt_init(). However, both are expected failure paths:

- wbt_alloc() can return NULL under memory pressure (-ENOMEM)
- wbt_init() can fail with -EBUSY if wbt is already registered

syzbot triggers this by injecting memory allocation failures during MTD
partition creation via ioctl(BLKPG), causing a spurious warning.

wbt_init_enable_default() is a best-effort initialization called from
blk_register_queue() with a void return type. Failure simply means the
disk operates without writeback throttling, which is harmless.

Replace WARN_ON_ONCE with plain if-checks, consistent with how
wbt_set_lat() in the same file already handles these failures. Add a
pr_warn() for the wbt_init() failure to retain diagnostic information
without triggering a full stack trace.
Published: 2026-06-26
Score: n/a
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

wbt_init_enable_default() in the Linux kernel uses the WARN_ON_ONCE macro to detect failures from wbt_alloc() and wbt_init(). Both functions can legitimately fail under normal conditions – wbt_alloc() can return NULL when memory is exhausted and wbt_init() can return –EBUSY if the write‑back throttling component is already registered. The macro emits a stack trace each time it fires, causing clean, expected error cases to generate noisy warning log messages. Syzbot discovered this by forcing memory allocation failures during MTD partition creation through ioctl(BLKPG). The warning does not affect disk operation; the system continues without write‑back throttling, so there is no security impact beyond log noise.

Affected Systems

The flaw exists in the core block subsystem of the Linux kernel, affecting every release that has not incorporated the upstream patch that replaces WARN_ON_ONCE with explicit error checks. All distributions that ship their own kernel build – Linux kernel – are potentially impacted until they apply the patch supplied by the kernel maintainers.

Risk and Exploitability

The vulnerability has no CVSS score and is not listed in CISA’s KEV catalog, and its EPSS score is 0.00145, indicating a very low exploitation probability. The only observable effect is the generation of spurious warning messages, which cannot be used for privilege escalation, data exfiltration, or denial of service. Consequently the risk is low; the issue is primarily noise that can mislead operators. Monitoring for unexpected BLKPG warnings and applying a patch are sufficient to eliminate the problem.

Generated by OpenCVE AI on June 29, 2026 at 15:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Linux kernel to a version that incorporates the upstream patch which removes WARN_ON_ONCE from wbt_init_enable_default() and replaces it with simple conditional checks and a pr_warn.
  • If a kernel update cannot be applied immediately, apply a local patch or vendor backport that replaces the WARN_ON_ONCE macro in the block subsystem with an if‑statement and pr_warn, thereby suppressing the unintended stack traces.
  • Reduce the likelihood of triggering the warning by ensuring adequate memory for MTD operations, for example by avoiding forced allocation failures or limiting concurrent MTD partitions during memory‑pressure situations.

Generated by OpenCVE AI on June 29, 2026 at 15:23 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 29 Jun 2026 14:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-209

Mon, 29 Jun 2026 12:15:00 +0000


Fri, 26 Jun 2026 22:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-209

Fri, 26 Jun 2026 20:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: blk-wbt: remove WARN_ON_ONCE from wbt_init_enable_default() wbt_init_enable_default() uses WARN_ON_ONCE to check for failures from wbt_alloc() and wbt_init(). However, both are expected failure paths: - wbt_alloc() can return NULL under memory pressure (-ENOMEM) - wbt_init() can fail with -EBUSY if wbt is already registered syzbot triggers this by injecting memory allocation failures during MTD partition creation via ioctl(BLKPG), causing a spurious warning. wbt_init_enable_default() is a best-effort initialization called from blk_register_queue() with a void return type. Failure simply means the disk operates without writeback throttling, which is harmless. Replace WARN_ON_ONCE with plain if-checks, consistent with how wbt_set_lat() in the same file already handles these failures. Add a pr_warn() for the wbt_init() failure to retain diagnostic information without triggering a full stack trace.
Title blk-wbt: remove WARN_ON_ONCE from wbt_init_enable_default()
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-06-26T19:41:11.269Z

Reserved: 2026-06-09T07:44:35.398Z

Link: CVE-2026-53319

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

Severity :

Publid Date: 2026-06-26T00:00:00Z

Links: CVE-2026-53319 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-29T15:30:05Z

Weaknesses
  • CWE-544

    Missing Standardized Error Handling Mechanism