CVE-2026-23422

Summary

In the Linux kernel, the following vulnerability has been resolved:

dpaa2-switch: Fix interrupt storm after receiving bad if_id in IRQ handler

Commit 31a7a0bbeb00 ("dpaa2-switch: add bounds check for if_id in IRQ handler") introduces a range check for if_id to avoid an out-of-bounds access. If an out-of-bounds if_id is detected, the interrupt status is not cleared. This may result in an interrupt storm.

Clear the interrupt status after detecting an out-of-bounds if_id to avoid the problem.

Found by an experimental AI code review agent at Google.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux77611cab5bdfff7a070ae574bbfba20a1de99d1b < 7def51cb9fb8b8d5342443372b8cf28d8fbd7f3daffected
LinuxLinux34b56c16efd61325d80bf1d780d0e176be662f59 < b5bababe7703a7322bc59b803ab1587887a2a5e4affected
LinuxLinuxf89e33c9c37f0001b730e23b3b05ab7b1ecface2 < c7becfe3e604d138bd53b8ac3111b2b3e8ec6b0eaffected
LinuxLinux2447edc367800ba914acf7ddd5d250416b45fb31 < fa4412cdc5178a48799bafcb8af28fd2fbf3d703affected
LinuxLinux1b381a638e1851d8cfdfe08ed9cdbec5295b18c9 < 00f42ace446f1e4bf84988f2281131f52cd32796affected
LinuxLinux31a7a0bbeb006bac2d9c81a2874825025214b6d8 < 28fd8ac1d49389cb230d712116f54e27ebec11b8affected
LinuxLinux31a7a0bbeb006bac2d9c81a2874825025214b6d8 < 74badb9c20b1a9c02a95c735c6d3cd6121679c93affected
LinuxLinux5.15.200 < 5.15.203affected
LinuxLinux6.1.163 < 6.1.167affected
LinuxLinux6.6.124 < 6.6.130affected
LinuxLinux6.12.70 < 6.12.77affected
LinuxLinux6.18.10 < 6.18.17affected
LinuxLinux6.19affected
LinuxLinux0 < 6.19unaffected
LinuxLinux5.15.203 <= 5.15.*unaffected
LinuxLinux6.1.167 <= 6.1.*unaffected
LinuxLinux6.6.130 <= 6.6.*unaffected
LinuxLinux6.12.77 <= 6.12.*unaffected
LinuxLinux6.18.17 <= 6.18.*unaffected
LinuxLinux6.19.7 <= 6.19.*unaffected
LinuxLinux7.0 <= *unaffected

Weaknesses

References