CVE Catalog

CVE-2026-53319

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.15%

4th percentile — higher than 4% of all known CVEs

Summary

In the Linux kernel, the WARN_ON_ONCE in wbt_init_enable_default() was removed because it triggered false alarms on expected memory allocation or writeback throttling registration failures. The disk simply operates without throttling, which is harmless.

Risk Assessment

The organization may receive misleading kernel warnings during MTD partition creation or under memory pressure, complicating real issue diagnosis.

Recommendation

Update the Linux kernel to a version containing this fix to eliminate false warnings and improve system stability.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: blk-wbt: remove WARN_ON_ONCE from wbt_init_enable_default() wbt_init_enable_default() uses WARN_ON_ONCE to check for failures from wbt_alloc() and wbt_init(). However, both are expected failure paths: - wbt_alloc() can return NULL under memory pressure (-ENOMEM) - wbt_init() can fail with -EBUSY if wbt is already registered syzbot triggers this by injecting memory allocation failures during MTD partition creation via ioctl(BLKPG), causing a spurious warning. wbt_init_enable_default() is a best-effort initialization called from blk_register_queue() with a void return type. Failure simply means the disk operates without writeback throttling, which is harmless. Replace WARN_ON_ONCE with plain if-checks, consistent with how wbt_set_lat() in the same file already handles these failures. Add a pr_warn() for the wbt_init() failure to retain diagnostic information without triggering a full stack trace.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS