7.1

CVE-2025-38483

comedi: das16m1: Fix bit shift out of bounds

In the Linux kernel, the following vulnerability has been resolved:

comedi: das16m1: Fix bit shift out of bounds

When checking for a supported IRQ number, the following test is used:

	/* only irqs 2, 3, 4, 5, 6, 7, 10, 11, 12, 14, and 15 are valid */
	if ((1 << it->options[1]) & 0xdcfc) {

However, `it->options[i]` is an unchecked `int` value from userspace, so
the shift amount could be negative or out of bounds.  Fix the test by
requiring `it->options[1]` to be within bounds before proceeding with
the original test.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 3.14 < 5.4.297
LinuxLinux Kernel Version >= 5.5 < 5.10.241
LinuxLinux Kernel Version >= 5.11 < 5.15.190
LinuxLinux Kernel Version >= 5.16 < 6.1.147
LinuxLinux Kernel Version >= 6.2 < 6.6.100
LinuxLinux Kernel Version >= 6.7 < 6.12.40
LinuxLinux Kernel Version >= 6.13 < 6.15.8
LinuxLinux Kernel Version6.16 Updaterc1
LinuxLinux Kernel Version6.16 Updaterc2
LinuxLinux Kernel Version6.16 Updaterc3
LinuxLinux Kernel Version6.16 Updaterc4
LinuxLinux Kernel Version6.16 Updaterc5
LinuxLinux Kernel Version6.16 Updaterc6
DebianDebian Linux Version11.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.16% 0.055
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.1 1.8 5.2
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://git.kernel.org/stable/c/65c03e6fc524eb2868abedffd8a4613d78abc288
Patch
https://git.kernel.org/stable/c/adb7df8a8f9d788423e161b779764527dd3ec2d0
Patch
https://git.kernel.org/stable/c/076b13ee60eb01ed0d140ef261f95534562a3077
Patch
https://git.kernel.org/stable/c/f211572818ed5bec2b3f5d4e0719ef8699b3c269
Patch
https://git.kernel.org/stable/c/ed93c6f68a3be06e4e0c331c6e751f462dee3932
Patch
https://git.kernel.org/stable/c/539bdff832adac9ea653859fa0b6bc62e743329c
Patch
https://git.kernel.org/stable/c/b3c95fa508e5dc3da60520eea92a5241095ceef1
Patch
https://git.kernel.org/stable/c/d1291c69f46d6572b2cf75960dd8975d7ab2176b
Patch
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
Third Party Advisory