CVE-2026-23422

Published: Apr 3, 2026Modified: Apr 24, 2026

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: Fix interrupt storm after receiving bad if_id in IRQ handler Commit 31a7a0bbeb00 ("dpaa2-switch: add bounds check for if_id in IRQ handler") introduces a range check for if_id to avoid an out-of-bounds access. If an out-of-bounds if_id is detected, the interrupt status is not cleared. This may result in an interrupt storm. Clear the interrupt status after detecting an out-of-bounds if_id to avoid the problem. Found by an experimental AI code review agent at Google.

Affected (14)

Products: Linux: Linux Kernel

Linux

1 product

Linux Kernel

Configuration A

14 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 5.15.200 to 5.15.203
Linux Linux Kernel	From 6.1.163 to 6.1.167
Linux Linux Kernel	From 6.12.70 to 6.12.77
Linux Linux Kernel	From 6.18.10 to 6.18.17
Linux Linux Kernel	From 6.19.1 to 6.19.7
Linux Linux Kernel	From 6.6.124 to 6.6.130
Linux Linux Kernel	Version 6.19
Linux Linux Kernel	Version 7.0 rc1
Linux Linux Kernel	Version 7.0 rc2
Linux Linux Kernel	Version 7.0 rc3
Linux Linux Kernel	Version 7.0 rc4
Linux Linux Kernel	Version 7.0 rc5
Linux Linux Kernel	Version 7.0 rc6
Linux Linux Kernel	Version 7.0 rc7