Vulnerability DatabaseCVE-2026-23422

CVE-2026-23422:
Linux Debian vulnerability analysis and mitigation

In the Linux kernel, the following vulnerability has been resolved:

dpaa2-switch: Fix interrupt storm after receiving bad if_id in IRQ handler

Commit 31a7a0bbeb00 ("dpaa2-switch: add bounds check for if_id in IRQ handler") introduces a range check for if_id to avoid an out-of-bounds access. If an out-of-bounds if_id is detected, the interrupt status is not cleared. This may result in an interrupt storm.

Clear the interrupt status after detecting an out-of-bounds if_id to avoid the problem.

Found by an experimental AI code review agent at Google.

Source: NVD

View vulnerable instances

Not a customer? See how Wiz maps CVEs like this one to real cloud attack paths.

Watch 12-min demo

Published April 3, 2026

CNA Score N/A

Affected Technologies

Linux Debian
Linux Ubuntu

Has Public Exploit No

Has CISA KEV Exploit No

CISA KEV Release Date N/A

CISA KEV Due Date N/A

Exploitation Probability Percentile (EPSS) 9.1

Exploitation Probability (EPSS) N/A

Affected packages and libraries

linux-aws-fips
linux-azure-fips

Sources

NVD
Debian Security Tracker
- Debian 12, 13 No FixAdded at: Apr 05, 2026
- Debian 14 Has FixAdded at: Apr 05, 2026
Echo
- Echo Has FixAdded at: Apr 05, 2026
Ubuntu Security Tracker
- Ubuntu 16.04, 18.04, 20.04 Severity MEDIUMNo FixAdded at: Apr 07, 2026

Get a CVE risk assessment

Get a prioritized view of CVEs in your cloud—so you can focus on what's exploitable, not just what's listed.

Request assessment

Related Linux Debian vulnerabilities:

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2026-41445	HIGH	8.7	Linux Debian	kissfft	No	No	Apr 20, 2026
CVE-2026-28684	MEDIUM	6.6	Linux Debian	python-dotenv	No	No	Apr 20, 2026
CVE-2026-6654	MEDIUM	5.1	Rust	thin-vec	No	Yes	Apr 20, 2026
CVE-2026-3219	MEDIUM	4.6	Linux Debian	python-pip	No	No	Apr 20, 2026
CVE-2026-5958	LOW	2.1	Linux Debian	sed	No	No	Apr 20, 2026