CVE-2026-53326
Received Received - Intake

debugobjects: Avoid HardIRQ Context Pool Filling in Early Boot

Vulnerability report for CVE-2026-53326, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-01

Last updated on: 2026-07-01

Assigner: kernel.org

Description

In the Linux kernel, the following vulnerability has been resolved: debugobjects: Don't call fill_pool() in early boot hardirq context When booting a debug PREEMPT_RT kernel on an ARM64 system, a "inconsistent {HARDIRQ-ON-W} -> {IN-HARDIRQ-W} usage" lockdep warning message was reported to the console. During early boot, interrupts are enabled before the scheduler is enabled. In this window (before SYSTEM_SCHEDULING is set) interrupts can fire and in the hard interrupt context handler attempt to fill the pool This can lead to a deadlock when the interrupt occurred when the interrupt hits a region which holds a lock that is required to be taken in the allocation path. Add a new can_fill_pool() helper and reorder the exception rule and forbid this scenario by excluding allocations from hard interrupt context.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-01
Last Modified
2026-07-01
Generated
2026-07-01
AI Q&A
2026-07-01
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability occurs in the Linux kernel during the early boot process of a debug PREEMPT_RT kernel on ARM64 systems. Specifically, interrupts are enabled before the scheduler is active, allowing interrupts to fire in a hard interrupt context. During this time, the kernel attempts to fill a debug pool, which can lead to a deadlock if the interrupt occurs while holding a lock required for allocation.

The issue arises because the function fill_pool() is called in an inappropriate context (early boot hardirq context), causing an "inconsistent {HARDIRQ-ON-W} -> {IN-HARDIRQ-W} usage" lockdep warning and potential deadlock.

The fix involves adding a helper function can_fill_pool() and reordering exception rules to prevent allocations from occurring in the hard interrupt context during early boot.

Impact Analysis

This vulnerability can cause the Linux kernel to deadlock during the early boot process on ARM64 systems running a debug PREEMPT_RT kernel. A deadlock in this context means the system could hang or become unresponsive during startup, potentially preventing the system from booting properly.

Such a deadlock could impact system availability and reliability, especially in environments relying on real-time kernel features.

Detection Guidance

This vulnerability manifests as a "inconsistent {HARDIRQ-ON-W} -> {IN-HARDIRQ-W} usage" lockdep warning message reported to the console during early boot of a debug PREEMPT_RT kernel on an ARM64 system.

To detect this issue, monitor the system console or kernel logs for the specific lockdep warning message during early boot.

Suggested commands to check kernel logs include:

  • dmesg | grep -i 'inconsistent {HARDIRQ-ON-W} -> {IN-HARDIRQ-W} usage'
  • journalctl -k | grep -i 'lockdep warning'
Mitigation Strategies

The vulnerability is resolved by adding a new can_fill_pool() helper and reordering the exception rule to forbid allocations from hard interrupt context during early boot.

Immediate mitigation steps include updating the Linux kernel to a version that contains this fix.

If updating is not immediately possible, avoid booting debug PREEMPT_RT kernels on ARM64 systems or monitor for the lockdep warning to prevent potential deadlocks.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-53326. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart