CVE-2026-23180

The IRQ handler extracts ifid from the upper 16 bits of the hardware status register and uses it to index into ethsw->ports[] without validation. Since ifid can be any 16-bit value (0-65535) but the ports array is only allocated with swattr.numifs elements, this can lead to an out-of-bounds read potentially.

Add a bounds check before accessing the array, consistent with the existing validation in dpaa2switchrx().

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23180.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

24ab724f8a4661b2dc8e696b41df93bdc108f7a1

Fixed

77611cab5bdfff7a070ae574bbfba20a1de99d1b

Fixed

34b56c16efd61325d80bf1d780d0e176be662f59

Fixed

f89e33c9c37f0001b730e23b3b05ab7b1ecface2

Fixed

2447edc367800ba914acf7ddd5d250416b45fb31

Fixed

1b381a638e1851d8cfdfe08ed9cdbec5295b18c9

Fixed

31a7a0bbeb006bac2d9c81a2874825025214b6d8

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23180.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

5.15.0

Fixed

5.15.200

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.1.163

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.124

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.12.70

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.18.10

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23180.json"