
CVE-2025-38482

In the Linux kernel, the following vulnerability has been resolved:

comedi: das6402: Fix bit shift out of bounds

When checking for a supported IRQ number, the following test is used:

	/* IRQs 2,3,5,6,7, 10,11,15 are valid for "enhanced" mode */
	if ((1 << it->options[1]) & 0x8cec) {

However, `it->options[i]` is an unchecked `int` value from userspace, so
the shift amount could be negative or out of bounds.  Fix the test by
requiring `it->options[1]` to be within bounds before proceeding with
the original test.  Valid `it->options[1]` values that select the IRQ
will be in the range [1,15]. The value 0 explicitly disables the use of
interrupts.
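
As an added illustration (not the kernel's code and not the upstream patch), the following C program contrasts the unchecked test quoted above with a range-checked form. The function names and the sample inputs are assumptions made for this example; only the mask 0x8cec and the range [1,15] come from the description.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* IRQs 2,3,5,6,7, 10,11,15 are valid for "enhanced" mode (mask from the page) */
#define IRQ_MASK 0x8cecu

/* Original form: shift count is used unchecked. A negative count or one
 * >= the width of int is undefined behaviour, so call only with 0..15. */
static bool irq_supported_unchecked(int irq)
{
	return ((1 << irq) & IRQ_MASK) != 0;
}

/* Bounded form: range-check first, so the shift is only evaluated for
 * well-defined counts. 0 ("no interrupt") is never a supported IRQ. */
static bool irq_supported(int irq)
{
	if (irq < 1 || irq > 15)
		return false;
	return ((1u << irq) & IRQ_MASK) != 0;
}

/* Both forms must agree wherever the unchecked one is well defined. */
static bool forms_agree_in_range(void)
{
	for (int i = 1; i <= 15; i++)
		if (irq_supported(i) != irq_supported_unchecked(i))
			return false;
	return true;
}

int main(void)
{
	/* Constructed sample inputs, including out-of-range shift counts. */
	const int samples[] = { INT_MIN, -1, 0, 1, 2, 7, 15, 16, 32, INT_MAX };

	for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
		printf("%11d -> %s\n", samples[i],
		       irq_supported(samples[i]) ? "supported" : "rejected");
	printf("forms agree on 1..15: %d\n", forms_agree_in_range());
	return 0;
}
```

Building the unchecked form with `-fsanitize=shift` and feeding it an out-of-range value is one way to reproduce the kind of shift-out-of-bounds report the fix addresses.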

Data provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).

Vendor: Linux
Product: Linux
Default status: unaffected

Version                                   Bound                                       Status
79e5e6addbb18bf56075f0ff552094a28636dd03  < a15e9c175f783298c4ee48146be6841335400406  affected
79e5e6addbb18bf56075f0ff552094a28636dd03  < de8da1063cce9234d55c8270d9bdf4cf84411c80  affected
79e5e6addbb18bf56075f0ff552094a28636dd03  < 73f34d609397805c20d6b2ef5c07a4cbf7c4d63a  affected
79e5e6addbb18bf56075f0ff552094a28636dd03  < a18a42e77545afcacd6a2b8d9fc16191b87454df  affected
79e5e6addbb18bf56075f0ff552094a28636dd03  < 8a3637027ceeba4ca5e500b23cb7d24c25592513  affected
79e5e6addbb18bf56075f0ff552094a28636dd03  < 3eab654f5d199ecd45403c6588cda63e491fcfca  affected
79e5e6addbb18bf56075f0ff552094a28636dd03  < 4a3c18cde02e35aba87e0ad5672b3e1c72dda5a4  affected
79e5e6addbb18bf56075f0ff552094a28636dd03  < 70f2b28b5243df557f51c054c20058ae207baaac  affected

Vendor: Linux
Product: Linux
Default status: affected

Version   Bound       Status
3.15      -           affected
0         < 3.15      unaffected
5.4.297   <= 5.4.*    unaffected
5.10.241  <= 5.10.*   unaffected
5.15.190  <= 5.15.*   unaffected
6.1.147   <= 6.1.*    unaffected
6.6.100   <= 6.6.*    unaffected
6.12.40   <= 6.12.*   unaffected
6.15.8    <= 6.15.*   unaffected
6.16      <= *        unaffected

No CISA KEV entry or CERT.AT warning was found for this CVE.

EPSS metrics
Type  Source     Score  Percentile
EPSS  FIRST.org  0.04%  0.103

CVSS metrics
Source  Base Score  Exploit Score  Impact Score  Vector String