CVE Catalog

CVE-2026-53327

Low risk· EPSS 6%
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.17%

6th percentile — higher than 6% of all known CVEs

Summary

A vulnerability was found in the Linux kernel's debugobjects mechanism. The fill_pool() function calls rtlock_lock(), which asserts if current::pi_blocked_on is set, potentially causing assertion failures and corruption of the priority inheritance chain on RT-enabled kernels.

Risk Assessment

The risk involves possible system hangs or critical assertion failures during object debugging operations on RT kernels, which could lead to service disruption or system crashes.

Recommendation

Immediately update the Linux kernel to a version containing the fix that expands the conditional check for current::pi_blocked_on before calling fill_pool().

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: debugobjects: Do not fill_pool() if pi_blocked_on On RT enabled kernels, fill_pool() ends up calling rtlock_lock(), which asserts if current::pi_blocked_on is set, because a task can obviously only block on one lock as otherwise the priority inheritenace chain gets corrupted. Prevent this by expanding the conditional to take current::pi_blocked_on into account.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS