Impact
wbt_init_enable_default() in the Linux kernel uses the WARN_ON_ONCE macro to detect failures from wbt_alloc() and wbt_init(). Both functions can legitimately fail under normal conditions – wbt_alloc() can return NULL when memory is exhausted and wbt_init() can return –EBUSY if the write‑back throttling component is already registered. The macro emits a stack trace each time it fires, causing clean, expected error cases to generate noisy warning log messages. Syzbot discovered this by forcing memory allocation failures during MTD partition creation through ioctl(BLKPG). The warning does not affect disk operation; the system continues without write‑back throttling, so there is no security impact beyond log noise.
Affected Systems
The flaw exists in the core block subsystem of the Linux kernel, affecting every release that has not incorporated the upstream patch that replaces WARN_ON_ONCE with explicit error checks. All distributions that ship their own kernel build – Linux kernel – are potentially impacted until they apply the patch supplied by the kernel maintainers.
Risk and Exploitability
The vulnerability has no CVSS score and is not listed in CISA’s KEV catalog, and its EPSS score is 0.00145, indicating a very low exploitation probability. The only observable effect is the generation of spurious warning messages, which cannot be used for privilege escalation, data exfiltration, or denial of service. Consequently the risk is low; the issue is primarily noise that can mislead operators. Monitoring for unexpected BLKPG warnings and applying a patch are sufficient to eliminate the problem.
OpenCVE Enrichment