CVE-2025-38482

Description

In the Linux kernel, the following vulnerability has been resolved: comedi: das6402: Fix bit shift out of bounds When checking for a supported IRQ number, the following test is used: /* IRQs 2,3,5,6,7, 10,11,15 are valid for "enhanced" mode */ if ((1 << it->options[1]) & 0x8cec) { However, `it->options[i]` is an unchecked `int` value from userspace, so the shift amount could be negative or out of bounds. Fix the test by requiring `it->options[1]` to be within bounds before proceeding with the original test. Valid `it->options[1]` values that select the IRQ will be in the range [1,15]. The value 0 explicitly disables the use of interrupts.

Reserved 2025-04-16 | Published 2025-07-28 | Updated 2025-07-28 | Assigner Linux

Product status

Default status
unaffected

79e5e6addbb18bf56075f0ff552094a28636dd03 before a18a42e77545afcacd6a2b8d9fc16191b87454df
affected

79e5e6addbb18bf56075f0ff552094a28636dd03 before 8a3637027ceeba4ca5e500b23cb7d24c25592513
affected

79e5e6addbb18bf56075f0ff552094a28636dd03 before 3eab654f5d199ecd45403c6588cda63e491fcfca
affected

79e5e6addbb18bf56075f0ff552094a28636dd03 before 4a3c18cde02e35aba87e0ad5672b3e1c72dda5a4
affected

79e5e6addbb18bf56075f0ff552094a28636dd03 before 70f2b28b5243df557f51c054c20058ae207baaac
affected

Default status
affected

3.15
affected

Any version before 3.15
unaffected

6.1.147
unaffected

6.6.100
unaffected

6.12.40
unaffected

6.15.8
unaffected

6.16
unaffected

References

git.kernel.org/...c/a18a42e77545afcacd6a2b8d9fc16191b87454df

git.kernel.org/...c/8a3637027ceeba4ca5e500b23cb7d24c25592513

git.kernel.org/...c/3eab654f5d199ecd45403c6588cda63e491fcfca

git.kernel.org/...c/4a3c18cde02e35aba87e0ad5672b3e1c72dda5a4

git.kernel.org/...c/70f2b28b5243df557f51c054c20058ae207baaac

cve.org (CVE-2025-38482)

nvd.nist.gov (CVE-2025-38482)

Download JSON