CVE-2026-53326
Low risk· EPSS 6%Exploitation Probability (EPSS)
Low risk6th percentile — higher than 6% of all known CVEs
Summary
A vulnerability in the Linux kernel's debugobjects mechanism triggers a lockdep inconsistency warning during early boot on ARM64 systems with PREEMPT_RT enabled. The issue occurs when hardware interrupts are handled before the scheduler is active, and attempting to fill the debug object pool in hard interrupt context can lead to a deadlock.
Risk Assessment
The risk involves a potential system deadlock during early boot, which may prevent the operating system from starting correctly, especially on ARM64 platforms with PREEMPT_RT configuration.
Recommendation
It is recommended to immediately update the Linux kernel to a version containing the fix, which adds the can_fill_pool() helper and forbids allocations in hard interrupt context during early boot.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: debugobjects: Don't call fill_pool() in early boot hardirq context When booting a debug PREEMPT_RT kernel on an ARM64 system, a "inconsistent {HARDIRQ-ON-W} -> {IN-HARDIRQ-W} usage" lockdep warning message was reported to the console. During early boot, interrupts are enabled before the scheduler is enabled. In this window (before SYSTEM_SCHEDULING is set) interrupts can fire and in the hard interrupt context handler attempt to fill the pool This can lead to a deadlock when the interrupt occurred when the interrupt hits a region which holds a lock that is required to be taken in the allocation path. Add a new can_fill_pool() helper and reorder the exception rule and forbid this scenario by excluding allocations from hard interrupt context.

