CVE-2026-23422
Received Received - Intake
Interrupt Storm Vulnerability in Linux dpaa2-switch IRQ Handler

Publication date: 2026-04-03

Last updated on: 2026-04-24

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: Fix interrupt storm after receiving bad if_id in IRQ handler Commit 31a7a0bbeb00 ("dpaa2-switch: add bounds check for if_id in IRQ handler") introduces a range check for if_id to avoid an out-of-bounds access. If an out-of-bounds if_id is detected, the interrupt status is not cleared. This may result in an interrupt storm. Clear the interrupt status after detecting an out-of-bounds if_id to avoid the problem. Found by an experimental AI code review agent at Google.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-03
Last Modified
2026-04-24
Generated
2026-06-16
AI Q&A
2026-04-03
EPSS Evaluated
2026-06-15
NVD
CVE-2026-23422
EUVD
EUVD-2026-18641
Affected Vendors & Products
Showing 14 associated CPEs
Vendor Product Version / Range
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel From 6.19.1 (inc) to 6.19.7 (exc)
linux linux_kernel 6.19
linux linux_kernel From 5.15.200 (inc) to 5.15.203 (exc)
linux linux_kernel From 6.1.163 (inc) to 6.1.167 (exc)
linux linux_kernel From 6.12.70 (inc) to 6.12.77 (exc)
linux linux_kernel From 6.18.10 (inc) to 6.18.17 (exc)
linux linux_kernel From 6.6.124 (inc) to 6.6.130 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-787 The product writes data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's dpaa2-switch component. It occurs when an invalid or out-of-bounds interface identifier (if_id) is received in the interrupt request (IRQ) handler.

Originally, the code did not properly check if the if_id was within valid bounds, which could lead to an out-of-bounds access. When such an invalid if_id was detected, the interrupt status was not cleared, causing the system to repeatedly handle the same interrupt.

This results in an interrupt storm, where the CPU is overwhelmed by continuous interrupts, potentially degrading system performance or causing instability.

The fix introduced a bounds check for if_id and ensured that the interrupt status is cleared even when an out-of-bounds if_id is detected, preventing the interrupt storm.

Impact Analysis

If exploited or triggered, this vulnerability can cause an interrupt storm in the Linux kernel's dpaa2-switch component.

An interrupt storm can overwhelm the CPU with repeated interrupts, leading to degraded system performance, increased latency, or even system instability or crashes.

This can affect the reliability and availability of systems running vulnerable versions of the Linux kernel, especially those relying on dpaa2-switch functionality.

Mitigation Strategies

The vulnerability is fixed by adding a bounds check for if_id in the IRQ handler of the dpaa2-switch driver in the Linux kernel. To mitigate this vulnerability, you should update your Linux kernel to a version that includes the fix from commit 31a7a0bbeb00.

This update ensures that out-of-bounds if_id values are detected and the interrupt status is properly cleared, preventing an interrupt storm.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-23422. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart