Impact
In the Linux kernel, the fill_pool() function in the debugobjects subsystem can call rtlock_lock() on real‑time (RT) enabled kernels. When the current task’s pi_blocked_on flag is set, rtlock_lock() asserts and forces a kernel panic. The vulnerability allows an attacker to provoke a denial‑of‑service condition by manipulating the debugging subsystem so that a task is blocked on priority inheritance while the kernel tries to allocate a debug object, causing the system to crash.
Affected Systems
The flaw affects Linux kernels configured with CONFIG_PREEMPT_RT (RT support) and with the debugobjects subsystem compiled. All RT‑enabled kernel builds prior to the inclusion of the fix for this debugobjects assertion are potentially vulnerable. No specific kernel versions are listed, so the scope includes all vulnerable RT builds.
Risk and Exploitability
Expected exploitation requires kernel‑mode execution or elevated privileges. Based on the description, it is inferred that these privileges are needed to trigger the suspicious debugobjects code path that leads to the assertion. Without such privileges, remote exploitation is unlikely. The EPSS score is not available, the vulnerability is not in the CISA KEV catalog, and the attack surface without privilege escalation remains low to moderate. Given that a kernel panic results, an attacker who can execute privileged code can bring the system down.
OpenCVE Enrichment