CVE-2025-38482
Published: Jul 28, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: comedi: das6402: Fix bit shift out of bounds When checking for a supported IRQ number, the following test is used: /* IRQs 2,3,5,6,7, 10,11,15 are valid for "enhanced" mode */ if ((1 << it->options[1]) & 0x8cec) { However, `it->options[i]` is an unchecked `int` value from userspace, so the shift amount could be negative or out of bounds. Fix the test by requiring `it->options[1]` to be within bounds before proceeding with the original test. Valid `it->options[1]` values that select the IRQ will be in the range [1,15]. The value 0 explicitly disables the use of interrupts.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 79e5e6addbb18bf56075f0ff552094a28636dd03 - < a15e9c175f783298c4ee48146be6841335400406affected 79e5e6addbb18bf56075f0ff552094a28636dd03 - < de8da1063cce9234d55c8270d9bdf4cf84411c80affected 79e5e6addbb18bf56075f0ff552094a28636dd03 - < 73f34d609397805c20d6b2ef5c07a4cbf7c4d63aaffected 79e5e6addbb18bf56075f0ff552094a28636dd03 - < a18a42e77545afcacd6a2b8d9fc16191b87454dfaffected 79e5e6addbb18bf56075f0ff552094a28636dd03 - < 8a3637027ceeba4ca5e500b23cb7d24c25592513+3 more versions |
Linux | Linux | affected 3.15unaffected 0 - < 3.15unaffected 5.4.297 - <= 5.4.*unaffected 5.10.241 - <= 5.10.*unaffected 5.15.190 - <= 5.15.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now