CVE-2025-38530
published 2025-08-16CVE-2025-38530: In the Linux kernel, the following vulnerability has been resolved: comedi: pcl812: Fix bit shift out of bounds When checking for a supported IRQ number, the…
high7.1CVSS 3.1
AVLACLPRLUINSUCHINAH
In the Linux kernel, the following vulnerability has been resolved:
comedi: pcl812: Fix bit shift out of bounds
When checking for a supported IRQ number, the following test is used:
if ((1 options[1]) & board->irq_bits) {
However, `it->options[i]` is an unchecked `int` value from userspace, so
the shift amount could be negative or out of bounds. Fix the test by
requiring `it->options[1]` to be within bounds before proceeding with
the original test. Valid `it->options[1]` values that select the IRQ
will be in the range [1,15]. The value 0 explicitly disables the use of
interrupts.
Affected
38 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | linux | < linux 6.1.147-1 (bookworm) | linux 6.1.147-1 (bookworm) |
| debian | linux-6.1 | < linux 6.1.147-1 (bookworm) | linux 6.1.147-1 (bookworm) |
| linux | linux | — | — |
| linux | linux | >= fcdb427bc7cf5e9e5d7280cf09c08dec49b49432 < 374d9b3eb4b08407997ef1fce96119d31e0c0bc4 | 374d9b3eb4b08407997ef1fce96119d31e0c0bc4 |
| linux | linux | >= fcdb427bc7cf5e9e5d7280cf09c08dec49b49432 < 0489c30d080f07cc7f09d04de723d8c2ccdb61ef | 0489c30d080f07cc7f09d04de723d8c2ccdb61ef |
| linux | linux | >= fcdb427bc7cf5e9e5d7280cf09c08dec49b49432 < 29ef03e5b84431171d6b77b822985b54bc44b793 | 29ef03e5b84431171d6b77b822985b54bc44b793 |
| linux | linux | >= fcdb427bc7cf5e9e5d7280cf09c08dec49b49432 < 5bfa301e1e59a9b1a7b62a800b54852337c97416 | 5bfa301e1e59a9b1a7b62a800b54852337c97416 |
| linux | linux | >= fcdb427bc7cf5e9e5d7280cf09c08dec49b49432 < 7e470d8efd10725b189ca8951973a8425932398a | 7e470d8efd10725b189ca8951973a8425932398a |
| linux | linux | >= fcdb427bc7cf5e9e5d7280cf09c08dec49b49432 < a27e27eee313fe1c450b6af1e80e64412546cab4 | a27e27eee313fe1c450b6af1e80e64412546cab4 |
| linux | linux | >= fcdb427bc7cf5e9e5d7280cf09c08dec49b49432 < 16c173abee315953fd17a279352fec4a1faee862 | 16c173abee315953fd17a279352fec4a1faee862 |
| linux | linux | >= fcdb427bc7cf5e9e5d7280cf09c08dec49b49432 < b14b076ce593f72585412fc7fd3747e03a5e3632 | b14b076ce593f72585412fc7fd3747e03a5e3632 |
| linux | linux_kernel | — | — |
| linux | linux_kernel | >= 0 < 5.10.244-1 | 5.10.244-1 |
| linux | linux_kernel | >= 0 < 6.1.147-1 | 6.1.147-1 |
| linux | linux_kernel | >= 0 < 6.12.41-1 | 6.12.41-1 |
| linux | linux_kernel | >= 0 < 6.16.3-1 | 6.16.3-1 |
| linux | linux_kernel | >= 0 < 5.15.0-163.173 | 5.15.0-163.173 |
| linux | linux_kernel | >= 0 < 6.8.0-100.100 | 6.8.0-100.100 |
| linux | linux_kernel | >= 2.6.30 < 5.4.297 | 5.4.297 |
| linux | linux_kernel | >= 5.11 < 5.15.190 | 5.15.190 |
| linux | linux_kernel | >= 5.16 < 6.1.147 | 6.1.147 |
| linux | linux_kernel | >= 5.5 < 5.10.241 | 5.10.241 |
| linux | linux_kernel | >= 6.13 < 6.15.8 | 6.15.8 |
| linux | linux_kernel | >= 6.2 < 6.6.100 | 6.6.100 |
CVSS provenance
nvdv3.17.1HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
osv7.1HIGH