CVE-2026-53326 is a vulnerability in Linux Kernel
Published on July 1, 2026
debugobjects: Don't call fill_pool() in early boot hardirq context
In the Linux kernel, the following vulnerability has been resolved:
debugobjects: Don't call fill_pool() in early boot hardirq context
When booting a debug PREEMPT_RT kernel on an ARM64 system, a "inconsistent
{HARDIRQ-ON-W} -> {IN-HARDIRQ-W} usage" lockdep warning message was
reported to the console.
During early boot, interrupts are enabled before the scheduler is
enabled. In this window (before SYSTEM_SCHEDULING is set) interrupts can
fire and in the hard interrupt context handler attempt to fill the pool
This can lead to a deadlock when the interrupt occurred when the interrupt
hits a region which holds a lock that is required to be taken in the
allocation path.
Add a new can_fill_pool() helper and reorder the exception rule and forbid
this scenario by excluding allocations from hard interrupt context.
Products Associated with CVE-2026-53326
Want to know whenever a new CVE is published for Linux Kernel? stack.watch will email you.
Affected Versions
Linux:- Version a460935022f512e167b4c5d4c12d85f89ba6aabd and below 44b8b03a9fb5c575548fc72c674653d6baba142a is affected.
- Version 06e0ae988f6e3499785c407429953ade19c1096b and below 7bc71bdb1c1526c7f02a6adab324394ff1327b0a is affected.
- Version 06e0ae988f6e3499785c407429953ade19c1096b and below 0d046ae106255cba5eb83b23f78ee93f3620247d is affected.
- Version 6.19 is affected.
- Before 6.19 is unaffected.
- Version 7.0.13, <= 7.0.* is unaffected.
- Version 7.1, <= * is unaffected.