Description
In the Linux kernel, the following vulnerability has been resolved:

debugobjects: Don't call fill_pool() in early boot hardirq context

When booting a debug PREEMPT_RT kernel on an ARM64 system, a "inconsistent
{HARDIRQ-ON-W} -> {IN-HARDIRQ-W} usage" lockdep warning message was
reported to the console.

During early boot, interrupts are enabled before the scheduler is
enabled. In this window (before SYSTEM_SCHEDULING is set) interrupts can
fire and in the hard interrupt context handler attempt to fill the pool

This can lead to a deadlock when the interrupt occurred when the interrupt
hits a region which holds a lock that is required to be taken in the
allocation path.

Add a new can_fill_pool() helper and reorder the exception rule and forbid
this scenario by excluding allocations from hard interrupt context.
Published: 2026-07-01
Score: 5.5 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A flaw in the Linux kernel’s early boot routine causes the debug PREEMPT_RT build to call a memory‑allocation helper while in hard interrupt context. The helper can acquire a lock that the pool allocator also needs, leading to a deadlock that stalls the kernel. The impact is a loss of availability as the system can freeze during boot or become unresponsive, potentially affecting any process that requires debug or real‑time capabilities.

Affected Systems

This issue affects Linux kernel builds that include the debug PREEMPT_RT configuration, particularly on ARM64 architectures. The specific affected versions are those before the patch referenced by commits 0d046ae106255cba5eb83b23f78ee93f3620247d, 44b8b03a9fb5c575548fc72c674653d6baba142a, and 7bc71bdb1c1526c7f02a6adab324394ff1327b0a. Versions containing this fix are effectively all kernels updated after those commits.

Risk and Exploitability

Based on the description, it is inferred that the flaw does not provide a direct path for code execution or privilege escalation; the primary impact is the potential for the kernel to become locked during early boot when interrupts are enabled but the scheduler is not yet running. The CVSS score is not listed and no EPSS data is available, indicating limited publicly measured risk data. The vulnerability has not been listed in the CISA KEV catalog. The likely attack vector would require an attacker with physical or firmware control to influence the boot sequence or trigger the interrupt that accesses a region holding the conflicting lock; no remote exploitation path is disclosed. Consequently, the exploitation probability is considered low in the absence of evidence of public exploits, but any successful occurrence would cause a severe unavailability issue during system startup.

Generated by OpenCVE AI on July 1, 2026 at 23:27 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the kernel to a revision that contains the fix, such as the latest stable release or a release that incorporates commits 0d046ae, 44b8b03, and 7bc71bdb
  • If an upgrade is not immediately possible, cherry‑pick and apply the same patch from the Linux kernel repository to your current image
  • Disable debug PREEMPT_RT features on boot or use a non‑debug kernel until the patch is applied and test that lockdep no longer reports an "inconsistent HARDIRQ-ON-W" warning

Generated by OpenCVE AI on July 1, 2026 at 23:27 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 02 Jul 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-833
References
Metrics threat_severity

None

cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Low


Wed, 01 Jul 2026 23:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-368

Wed, 01 Jul 2026 17:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-368

Wed, 01 Jul 2026 13:45:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: debugobjects: Don't call fill_pool() in early boot hardirq context When booting a debug PREEMPT_RT kernel on an ARM64 system, a "inconsistent {HARDIRQ-ON-W} -> {IN-HARDIRQ-W} usage" lockdep warning message was reported to the console. During early boot, interrupts are enabled before the scheduler is enabled. In this window (before SYSTEM_SCHEDULING is set) interrupts can fire and in the hard interrupt context handler attempt to fill the pool This can lead to a deadlock when the interrupt occurred when the interrupt hits a region which holds a lock that is required to be taken in the allocation path. Add a new can_fill_pool() helper and reorder the exception rule and forbid this scenario by excluding allocations from hard interrupt context.
Title debugobjects: Don't call fill_pool() in early boot hardirq context
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-07-01T13:32:12.924Z

Reserved: 2026-06-09T07:44:35.398Z

Link: CVE-2026-53326

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

Severity : Low

Publid Date: 2026-07-01T00:00:00Z

Links: CVE-2026-53326 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-07-01T23:30:17Z

Weaknesses