From this webpage screenshot, we can extract the following key information about the vulnerability: 1. Vulnerability Description: - Title: net: dsa: mv88e6xxx: Fix out-of-bound access - Description: If an ATU (Address Translation Unit) violation is triggered by a CPU Load operation, the SPID (Source Port Identifier) may exceed DSA_MAX_PORTS (the size of the mv88e6xxx_chip_ports[] array). 2. Fix Status: - Upstream Commit: 528876d867a23b5198022baf2e388052ca67c952 - Fix: Resolved by 75c05a74e745 ("net: dsa: mv88e6xxx: Fix counting of ATU violations") 3. Signed-off-by: - Joseph Huang - Jakub Kicinski - Sasha Levin 4. Reviewed-by: - Andrew Lunn 5. Code Changes: - File: drivers/net/dsa/mv88e6xxx/global1_atu.c - Changes: - Removed line: - Added line: 6. Diffstat: - 1 file changed, 2 insertions, 1 deletion 7. Timestamps: - Commit time: 2024-08-19 19:52:50 -0400 - Fix time: 2024-09-04 13:17:41 +0200 This information indicates that the vulnerability was caused by out-of-bounds access due to ATU violations, and the issue was resolved through code modifications to prevent SPID from exceeding the array bounds.