CVE-2025-38529
Published: Aug 16, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: comedi: aio_iiro_16: Fix bit shift out of bounds When checking for a supported IRQ number, the following test is used: if ((1 << it->options[1]) & 0xdcfc) { However, `it->options[i]` is an unchecked `int` value from userspace, so the shift amount could be negative or out of bounds. Fix the test by requiring `it->options[1]` to be within bounds before proceeding with the original test. Valid `it->options[1]` values that select the IRQ will be in the range [1,15]. The value 0 explicitly disables the use of interrupts.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected ad7a370c8be47247f68f7187cc82f4f25a347116 - < a88692245c315bf8e225f205297a6f4b13d6856aaffected ad7a370c8be47247f68f7187cc82f4f25a347116 - < 5ac7c60439236fb691b8c7987390e2327bbf18faaffected ad7a370c8be47247f68f7187cc82f4f25a347116 - < c593215385f0c0163015cca4512ed3ff42875d19affected ad7a370c8be47247f68f7187cc82f4f25a347116 - < ff30dd3f15f443d2a0085b12ec2cc95d44f35fa7affected ad7a370c8be47247f68f7187cc82f4f25a347116 - < 955e8835855fed8e87f7d8c8075564a1746c1b4c+3 more versions |
Linux | Linux | affected 4.0unaffected 0 - < 4.0unaffected 5.4.297 - <= 5.4.*unaffected 5.10.241 - <= 5.10.*unaffected 5.15.190 - <= 5.15.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now