VDB

CVE-2026-23422

CVE-2026-23422 PUBLISHED

In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: Fix interrupt storm after receiving bad if_id in IRQ handler Commit 31a7a0bbeb00 ("dpaa2-switch: add bounds check for if_id in IRQ handler") introduces a range check for if_id to avoid an out-of-bounds access. If an out-of-bounds if_id is detected, the interrupt status is not cleared. This may result in an interrupt storm. Clear the interrupt status after detecting an out-of-bounds if_id to avoid the problem. Found by an experimental AI code review agent at Google.

EPSS 0.02% · 3.6th percentile

Risk Scores

EPSS Score
0.02%
3.6th percentile

Affected Products

VendorProductVersions
linuxlinux_kernel6.6.124, 6.12.70, 6.18.10
LinuxLinuxf89e33c9c37f0001b730e23b3b05ab7b1ecface2, 1b381a638e1851d8cfdfe08ed9cdbec5295b18c9, 31a7a0bbeb006bac2d9c81a2874825025214b6d8

Timeline

  • Apr 3, 2026 CVE Published
  • Apr 3, 2026 Security Advisory
  • Apr 24, 2026 CVE Updated
  • May 18, 2026 EPSS Score
  • May 19, 2026 EPSS Score
  • May 20, 2026 EPSS Score
  • May 21, 2026 EPSS Score
  • May 22, 2026 EPSS Score
  • May 23, 2026 EPSS Score
  • May 24, 2026 EPSS Score
  • May 25, 2026 EPSS Score
  • May 26, 2026 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›