{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-08T01:30:32.325","vulnerabilities":[{"cve":{"id":"CVE-2026-23180","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-02-14T17:15:55.747","lastModified":"2026-04-15T14:34:27.800","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndpaa2-switch: add bounds check for if_id in IRQ handler\n\nThe IRQ handler extracts if_id from the upper 16 bits of the hardware\nstatus register and uses it to index into ethsw->ports[] without\nvalidation. Since if_id can be any 16-bit value (0-65535) but the ports\narray is only allocated with sw_attr.num_ifs elements, this can lead to\nan out-of-bounds read potentially.\n\nAdd a bounds check before accessing the array, consistent with the\nexisting validation in dpaa2_switch_rx()."},{"lang":"es","value":"En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\ndpaa2-switch: añadir comprobación de límites para if_id en el manejador IRQ\n\nEl manejador IRQ extrae if_id de los 16 bits superiores del registro de estado del hardware y lo utiliza para indexar en ethsw->ports[] sin validación. Dado que if_id puede ser cualquier valor de 16 bits (0-65535) pero el array de puertos solo se asigna con elementos sw_attr.num_ifs, esto puede llevar a una posible lectura fuera de límites.\n\nAñadir una comprobación de límites antes de acceder al array, consistente con la validación existente en dpaa2_switch_rx()."}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9}]},"references":[{"url":"https://git.kernel.org/stable/c/1b381a638e1851d8cfdfe08ed9cdbec5295b18c9","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/2447edc367800ba914acf7ddd5d250416b45fb31","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/31a7a0bbeb006bac2d9c81a2874825025214b6d8","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/34b56c16efd61325d80bf1d780d0e176be662f59","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/77611cab5bdfff7a070ae574bbfba20a1de99d1b","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/f89e33c9c37f0001b730e23b3b05ab7b1ecface2","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"}]}}]}