CVE-2025-38483
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
comedi: das16m1: Fix bit shift out of bounds
When checking for a supported IRQ number, the following test is used:
/* only irqs 2, 3, 4, 5, 6, 7, 10, 11, 12, 14, and 15 are valid */
if ((1 << it->options[1]) & 0xdcfc) {
However, it->options[i] is an unchecked int value from userspace, so
the shift amount could be negative or out of bounds. Fix the test by
requiring it->options[1] to be within bounds before proceeding with
the original test.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 729988507680b2ce934bce61d9ce0ea7b235914c < 539bdff832adac9ea653859fa0b6bc62e743329c | affected |
| Linux | Linux | 729988507680b2ce934bce61d9ce0ea7b235914c < d1291c69f46d6572b2cf75960dd8975d7ab2176b | affected |
| Linux | Linux | 729988507680b2ce934bce61d9ce0ea7b235914c < b3c95fa508e5dc3da60520eea92a5241095ceef1 | affected |
| Linux | Linux | 729988507680b2ce934bce61d9ce0ea7b235914c < 65c03e6fc524eb2868abedffd8a4613d78abc288 | affected |
| Linux | Linux | 729988507680b2ce934bce61d9ce0ea7b235914c < adb7df8a8f9d788423e161b779764527dd3ec2d0 | affected |
| Linux | Linux | 729988507680b2ce934bce61d9ce0ea7b235914c < 076b13ee60eb01ed0d140ef261f95534562a3077 | affected |
| Linux | Linux | 729988507680b2ce934bce61d9ce0ea7b235914c < f211572818ed5bec2b3f5d4e0719ef8699b3c269 | affected |
| Linux | Linux | 729988507680b2ce934bce61d9ce0ea7b235914c < ed93c6f68a3be06e4e0c331c6e751f462dee3932 | affected |
| Linux | Linux | 3.14 | affected |
| Linux | Linux | 0 < 3.14 | unaffected |
| Linux | Linux | 5.4.297 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.241 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.190 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.147 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.100 <= 6.6.* | unaffected |
| Linux | Linux | 6.12.40 <= 6.12.* | unaffected |
| Linux | Linux | 6.15.8 <= 6.15.* | unaffected |
| Linux | Linux | 6.16 <= * | unaffected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
- https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
References
- https://git.kernel.org/stable/c/539bdff832adac9ea653859fa0b6bc62e743329c
- https://git.kernel.org/stable/c/d1291c69f46d6572b2cf75960dd8975d7ab2176b
- https://git.kernel.org/stable/c/b3c95fa508e5dc3da60520eea92a5241095ceef1
- https://git.kernel.org/stable/c/65c03e6fc524eb2868abedffd8a4613d78abc288
- https://git.kernel.org/stable/c/adb7df8a8f9d788423e161b779764527dd3ec2d0
- https://git.kernel.org/stable/c/076b13ee60eb01ed0d140ef261f95534562a3077
- https://git.kernel.org/stable/c/f211572818ed5bec2b3f5d4e0719ef8699b3c269
- https://git.kernel.org/stable/c/ed93c6f68a3be06e4e0c331c6e751f462dee3932
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.