CVE-2026-53319
Received Received - Intake
Linux Kernel Writeback Throttling Memory Allocation Failure

Publication date: 2026-06-26

Last updated on: 2026-06-26

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: blk-wbt: remove WARN_ON_ONCE from wbt_init_enable_default() wbt_init_enable_default() uses WARN_ON_ONCE to check for failures from wbt_alloc() and wbt_init(). However, both are expected failure paths: - wbt_alloc() can return NULL under memory pressure (-ENOMEM) - wbt_init() can fail with -EBUSY if wbt is already registered syzbot triggers this by injecting memory allocation failures during MTD partition creation via ioctl(BLKPG), causing a spurious warning. wbt_init_enable_default() is a best-effort initialization called from blk_register_queue() with a void return type. Failure simply means the disk operates without writeback throttling, which is harmless. Replace WARN_ON_ONCE with plain if-checks, consistent with how wbt_set_lat() in the same file already handles these failures. Add a pr_warn() for the wbt_init() failure to retain diagnostic information without triggering a full stack trace.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-26
Last Modified
2026-06-26
Generated
2026-06-27
AI Q&A
2026-06-26
EPSS Evaluated
N/A
NVD
CVE-2026-53319
EUVD
EUVD-2026-39854
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability involves the Linux kernel's blk-wbt subsystem, specifically the function wbt_init_enable_default(). The function used WARN_ON_ONCE to check for failures from wbt_alloc() and wbt_init(), but these failures are expected under certain conditions such as memory pressure or the subsystem already being registered.

Because these failure paths are normal, using WARN_ON_ONCE caused unnecessary warnings and stack traces during operations like MTD partition creation. The fix replaced WARN_ON_ONCE with simple if-checks and added a pr_warn() to log failures without triggering full stack traces, improving diagnostic clarity without causing spurious warnings.

Impact Analysis

The impact of this vulnerability is minimal and mostly related to unnecessary warning messages and stack traces in the kernel logs. The failure of wbt_init_enable_default() simply means the disk will operate without writeback throttling, which is harmless and does not affect system stability or security.

Compliance Impact

The provided information does not specify any impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Detection Guidance

This vulnerability involves spurious warnings triggered by WARN_ON_ONCE in the Linux kernel's blk-wbt subsystem during memory allocation failures. Detection would involve monitoring kernel logs for such warnings related to wbt_init_enable_default() failures.

You can check your system logs for these warnings using commands like:

  • dmesg | grep -i 'wbt_init_enable_default'
  • journalctl -k | grep -i 'wbt_init_enable_default'
  • grep -i 'wbt_init_enable_default' /var/log/kern.log

These commands help identify if the kernel has logged warnings related to this issue, indicating the presence of the vulnerability or its effects.

Mitigation Strategies

Since the vulnerability is related to spurious kernel warnings caused by WARN_ON_ONCE in blk-wbt and does not affect system stability or security directly, immediate mitigation involves updating the Linux kernel to a version where this issue is fixed.

The fix replaces WARN_ON_ONCE with plain if-checks and adds pr_warn() for diagnostic purposes without triggering full stack traces.

Therefore, the recommended step is to apply the latest kernel updates from your Linux distribution that include this patch.

No other immediate configuration changes or mitigations are necessary as failure in wbt_init_enable_default() only results in the disk operating without writeback throttling, which is harmless.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-53319. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart