-

CVE-2026-23180

EPSS 0.06%
Veröffentlicht 14.02.2026 16:27:11
Zuletzt bearbeitet 18.02.2026 17:52:22
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

dpaa2-switch: add bounds check for if_id in IRQ handler

The IRQ handler extracts if_id from the upper 16 bits of the hardware
status register and uses it to index into ethsw->ports[] without
validation. Since if_id can be any 16-bit value (0-65535) but the ports
array is only allocated with sw_attr.num_ifs elements, this can lead to
an out-of-bounds read potentially.

Add a bounds check before accessing the array, consistent with the
existing validation in dpaa2_switch_rx().

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 9

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 77611cab5bdfff7a070ae574bbfba20a1de99d1b

Version 24ab724f8a4661b2dc8e696b41df93bdc108f7a1

Status affected

Version < 34b56c16efd61325d80bf1d780d0e176be662f59

Version 24ab724f8a4661b2dc8e696b41df93bdc108f7a1

Status affected

Version < f89e33c9c37f0001b730e23b3b05ab7b1ecface2

Version 24ab724f8a4661b2dc8e696b41df93bdc108f7a1

Status affected

Version < 2447edc367800ba914acf7ddd5d250416b45fb31

Version 24ab724f8a4661b2dc8e696b41df93bdc108f7a1

Status affected

Version < 1b381a638e1851d8cfdfe08ed9cdbec5295b18c9

Version 24ab724f8a4661b2dc8e696b41df93bdc108f7a1

Status affected

Version < 31a7a0bbeb006bac2d9c81a2874825025214b6d8

Version 24ab724f8a4661b2dc8e696b41df93bdc108f7a1

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.15

Status affected

Version < 5.15

Version 0

Status unaffected

Version <= 5.15.*

Version 5.15.200

Status unaffected

Version <= 6.1.*

Version 6.1.163

Status unaffected

Version <= 6.6.*

Version 6.6.124

Status unaffected

Version <= 6.12.*

Version 6.12.70

Status unaffected

Version <= 6.18.*

Version 6.18.10

Status unaffected

Version <= *

Version 6.19

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.189

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/77611cab5bdfff7a070ae574bbfba20a1de99d1b

https://git.kernel.org/stable/c/34b56c16efd61325d80bf1d780d0e176be662f59

https://git.kernel.org/stable/c/f89e33c9c37f0001b730e23b3b05ab7b1ecface2

https://git.kernel.org/stable/c/2447edc367800ba914acf7ddd5d250416b45fb31

https://git.kernel.org/stable/c/1b381a638e1851d8cfdfe08ed9cdbec5295b18c9

https://git.kernel.org/stable/c/31a7a0bbeb006bac2d9c81a2874825025214b6d8

https://nvd.nist.gov/vuln/detail/CVE-2026-23180

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-23180

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-23180

EUVD