Home

Description

In the Linux kernel, the following vulnerability has been resolved: comedi: pcl812: Fix bit shift out of bounds When checking for a supported IRQ number, the following test is used: if ((1 << it->options[1]) & board->irq_bits) { However, `it->options[i]` is an unchecked `int` value from userspace, so the shift amount could be negative or out of bounds. Fix the test by requiring `it->options[1]` to be within bounds before proceeding with the original test. Valid `it->options[1]` values that select the IRQ will be in the range [1,15]. The value 0 explicitly disables the use of interrupts.

PUBLISHED Reserved 2025-04-16 | Published 2025-08-16 | Updated 2025-08-28 | Assigner Linux

Product status

Default status
unaffected

fcdb427bc7cf5e9e5d7280cf09c08dec49b49432 before 374d9b3eb4b08407997ef1fce96119d31e0c0bc4
affected

fcdb427bc7cf5e9e5d7280cf09c08dec49b49432 before 0489c30d080f07cc7f09d04de723d8c2ccdb61ef
affected

fcdb427bc7cf5e9e5d7280cf09c08dec49b49432 before 29ef03e5b84431171d6b77b822985b54bc44b793
affected

fcdb427bc7cf5e9e5d7280cf09c08dec49b49432 before 5bfa301e1e59a9b1a7b62a800b54852337c97416
affected

fcdb427bc7cf5e9e5d7280cf09c08dec49b49432 before 7e470d8efd10725b189ca8951973a8425932398a
affected

fcdb427bc7cf5e9e5d7280cf09c08dec49b49432 before a27e27eee313fe1c450b6af1e80e64412546cab4
affected

fcdb427bc7cf5e9e5d7280cf09c08dec49b49432 before 16c173abee315953fd17a279352fec4a1faee862
affected

fcdb427bc7cf5e9e5d7280cf09c08dec49b49432 before b14b076ce593f72585412fc7fd3747e03a5e3632
affected

Default status
affected

2.6.30
affected

Any version before 2.6.30
unaffected

5.4.297
unaffected

5.10.241
unaffected

5.15.190
unaffected

6.1.147
unaffected

6.6.100
unaffected

6.12.40
unaffected

6.15.8
unaffected

6.16
unaffected

References

git.kernel.org/...c/374d9b3eb4b08407997ef1fce96119d31e0c0bc4

git.kernel.org/...c/0489c30d080f07cc7f09d04de723d8c2ccdb61ef

git.kernel.org/...c/29ef03e5b84431171d6b77b822985b54bc44b793

git.kernel.org/...c/5bfa301e1e59a9b1a7b62a800b54852337c97416

git.kernel.org/...c/7e470d8efd10725b189ca8951973a8425932398a

git.kernel.org/...c/a27e27eee313fe1c450b6af1e80e64412546cab4

git.kernel.org/...c/16c173abee315953fd17a279352fec4a1faee862

git.kernel.org/...c/b14b076ce593f72585412fc7fd3747e03a5e3632

cve.org (CVE-2025-38530)

nvd.nist.gov (CVE-2025-38530)

Download JSON