CVE-2025-38483

Summary

In the Linux kernel, the following vulnerability has been resolved:

comedi: das16m1: Fix bit shift out of bounds

When checking for a supported IRQ number, the following test is used:

/* only irqs 2, 3, 4, 5, 6, 7, 10, 11, 12, 14, and 15 are valid */
if ((1 << it->options[1]) & 0xdcfc) {

However, it->options[i] is an unchecked int value from userspace, so the shift amount could be negative or out of bounds. Fix the test by requiring it->options[1] to be within bounds before proceeding with the original test.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux729988507680b2ce934bce61d9ce0ea7b235914c < 539bdff832adac9ea653859fa0b6bc62e743329caffected
LinuxLinux729988507680b2ce934bce61d9ce0ea7b235914c < d1291c69f46d6572b2cf75960dd8975d7ab2176baffected
LinuxLinux729988507680b2ce934bce61d9ce0ea7b235914c < b3c95fa508e5dc3da60520eea92a5241095ceef1affected
LinuxLinux729988507680b2ce934bce61d9ce0ea7b235914c < 65c03e6fc524eb2868abedffd8a4613d78abc288affected
LinuxLinux729988507680b2ce934bce61d9ce0ea7b235914c < adb7df8a8f9d788423e161b779764527dd3ec2d0affected
LinuxLinux729988507680b2ce934bce61d9ce0ea7b235914c < 076b13ee60eb01ed0d140ef261f95534562a3077affected
LinuxLinux729988507680b2ce934bce61d9ce0ea7b235914c < f211572818ed5bec2b3f5d4e0719ef8699b3c269affected
LinuxLinux729988507680b2ce934bce61d9ce0ea7b235914c < ed93c6f68a3be06e4e0c331c6e751f462dee3932affected
LinuxLinux3.14affected
LinuxLinux0 < 3.14unaffected
LinuxLinux5.4.297 <= 5.4.*unaffected
LinuxLinux5.10.241 <= 5.10.*unaffected
LinuxLinux5.15.190 <= 5.15.*unaffected
LinuxLinux6.1.147 <= 6.1.*unaffected
LinuxLinux6.6.100 <= 6.6.*unaffected
LinuxLinux6.12.40 <= 6.12.*unaffected
LinuxLinux6.15.8 <= 6.15.*unaffected
LinuxLinux6.16 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References