CVE-2025-38482
Published 2025-07-28
Severity: High, 7.1 (CVSS 3.1)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
In the Linux kernel, the following vulnerability has been resolved:
comedi: das6402: Fix bit shift out of bounds
When checking for a supported IRQ number, the following test is used:
```c
/* IRQs 2,3,5,6,7, 10,11,15 are valid for "enhanced" mode */
if ((1 << it->options[1]) & 0x8cec) {
```
However, `it->options[i]` is an unchecked `int` value from userspace, so
the shift amount could be negative or out of bounds. Fix the test by
requiring `it->options[1]` to be within bounds before proceeding with
the original test. Valid `it->options[1]` values that select the IRQ
will be in the range [1,15]. The value 0 explicitly disables the use of
interrupts.
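The bounds check described above, as an added example (a user-space C program, not the kernel driver's code or the upstream patch). Only the mask `0x8cec` and the range [1,15] come from the description; the function names and the sample option values are constructed for illustration.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

#define IRQ_MASK 0x8cec /* bits 2,3,5,6,7,10,11,15, the mask quoted above */

/* Pre-fix form: the shift count is whatever userspace supplied. A negative
 * count, or one >= the width of int, is undefined behaviour in C, so this
 * example only ever calls it with values in [1,15]. */
static bool irq_ok_unchecked(int irq)
{
	return ((1 << irq) & IRQ_MASK) != 0;
}

/* Hardened form: bounds-check first, then apply the original mask test.
 * 0 means "no interrupt" and is never reported as a selectable IRQ. */
static bool irq_ok_checked(int irq)
{
	if (irq < 1 || irq > 15)
		return false;
	return ((1u << irq) & IRQ_MASK) != 0;
}

/* The bounds check must not change the answer for any in-range value. */
static bool forms_agree_in_range(void)
{
	for (int irq = 1; irq <= 15; irq++)
		if (irq_ok_checked(irq) != irq_ok_unchecked(irq))
			return false;
	return true;
}

/* Constructed inputs: hostile, boundary and ordinary option values. */
static const int samples[] = { INT_MIN, -1, 0, 1, 2, 7, 15, 16, 31, 32, 34, INT_MAX };
#define N_SAMPLES ((int)(sizeof(samples) / sizeof(samples[0])))

static int count_accepted(const int *vals, int n)
{
	int accepted = 0;
	for (int i = 0; i < n; i++)
		accepted += irq_ok_checked(vals[i]);
	return accepted;
}

int main(void)
{
	for (int i = 0; i < N_SAMPLES; i++)
		printf("options[1] = %11d -> %s\n", samples[i],
		       irq_ok_checked(samples[i]) ? "IRQ accepted" : "rejected");
	printf("accepted: %d of %d\n", count_accepted(samples, N_SAMPLES), N_SAMPLES);
	return forms_agree_in_range() ? 0 : 1;
}
```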
Affected
37 ranges · showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | linux | < linux 6.1.147-1 (bookworm) | linux 6.1.147-1 (bookworm) |
| debian | linux-6.1 | < linux 6.1.147-1 (bookworm) | linux 6.1.147-1 (bookworm) |
| linux | linux | — | — |
| linux | linux | >= 79e5e6addbb18bf56075f0ff552094a28636dd03 < a15e9c175f783298c4ee48146be6841335400406 | a15e9c175f783298c4ee48146be6841335400406 |
| linux | linux | >= 79e5e6addbb18bf56075f0ff552094a28636dd03 < de8da1063cce9234d55c8270d9bdf4cf84411c80 | de8da1063cce9234d55c8270d9bdf4cf84411c80 |
| linux | linux | >= 79e5e6addbb18bf56075f0ff552094a28636dd03 < 73f34d609397805c20d6b2ef5c07a4cbf7c4d63a | 73f34d609397805c20d6b2ef5c07a4cbf7c4d63a |
| linux | linux | >= 79e5e6addbb18bf56075f0ff552094a28636dd03 < a18a42e77545afcacd6a2b8d9fc16191b87454df | a18a42e77545afcacd6a2b8d9fc16191b87454df |
| linux | linux | >= 79e5e6addbb18bf56075f0ff552094a28636dd03 < 8a3637027ceeba4ca5e500b23cb7d24c25592513 | 8a3637027ceeba4ca5e500b23cb7d24c25592513 |
| linux | linux | >= 79e5e6addbb18bf56075f0ff552094a28636dd03 < 3eab654f5d199ecd45403c6588cda63e491fcfca | 3eab654f5d199ecd45403c6588cda63e491fcfca |
| linux | linux | >= 79e5e6addbb18bf56075f0ff552094a28636dd03 < 4a3c18cde02e35aba87e0ad5672b3e1c72dda5a4 | 4a3c18cde02e35aba87e0ad5672b3e1c72dda5a4 |
| linux | linux | >= 79e5e6addbb18bf56075f0ff552094a28636dd03 < 70f2b28b5243df557f51c054c20058ae207baaac | 70f2b28b5243df557f51c054c20058ae207baaac |
| linux | linux_kernel | — | — |
| linux | linux_kernel | >= 0 < 5.10.244-1 | 5.10.244-1 |
| linux | linux_kernel | >= 0 < 6.1.147-1 | 6.1.147-1 |
| linux | linux_kernel | >= 0 < 6.12.41-1 | 6.12.41-1 |
| linux | linux_kernel | >= 0 < 6.16.3-1 | 6.16.3-1 |
| linux | linux_kernel | >= 0 < 5.15.0-163.173 | 5.15.0-163.173 |
| linux | linux_kernel | >= 0 < 6.8.0-100.100 | 6.8.0-100.100 |
| linux | linux_kernel | >= 3.15 < 5.4.297 | 5.4.297 |
| linux | linux_kernel | >= 5.11 < 5.15.190 | 5.15.190 |
| linux | linux_kernel | >= 5.16 < 6.1.147 | 6.1.147 |
| linux | linux_kernel | >= 5.5 < 5.10.241 | 5.10.241 |
| linux | linux_kernel | >= 6.13 < 6.15.8 | 6.15.8 |
| linux | linux_kernel | >= 6.2 < 6.6.100 | 6.6.100 |
CVSS provenance
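| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H |
| osv | — | 7.1 | HIGH | — |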