-

CVE-2025-38483

EPSS 0.04%
Veröffentlicht 28.07.2025 11:21:47
Zuletzt bearbeitet 28.08.2025 15:15:50
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

comedi: das16m1: Fix bit shift out of bounds

When checking for a supported IRQ number, the following test is used:

	/* only irqs 2, 3, 4, 5, 6, 7, 10, 11, 12, 14, and 15 are valid */
	if ((1 << it->options[1]) & 0xdcfc) {

However, `it->options[i]` is an unchecked `int` value from userspace, so
the shift amount could be negative or out of bounds.  Fix the test by
requiring `it->options[1]` to be within bounds before proceeding with
the original test.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 11

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 539bdff832adac9ea653859fa0b6bc62e743329c

Version 729988507680b2ce934bce61d9ce0ea7b235914c

Status affected

Version < d1291c69f46d6572b2cf75960dd8975d7ab2176b

Version 729988507680b2ce934bce61d9ce0ea7b235914c

Status affected

Version < b3c95fa508e5dc3da60520eea92a5241095ceef1

Version 729988507680b2ce934bce61d9ce0ea7b235914c

Status affected

Version < 65c03e6fc524eb2868abedffd8a4613d78abc288

Version 729988507680b2ce934bce61d9ce0ea7b235914c

Status affected

Version < adb7df8a8f9d788423e161b779764527dd3ec2d0

Version 729988507680b2ce934bce61d9ce0ea7b235914c

Status affected

Version < 076b13ee60eb01ed0d140ef261f95534562a3077

Version 729988507680b2ce934bce61d9ce0ea7b235914c

Status affected

Version < f211572818ed5bec2b3f5d4e0719ef8699b3c269

Version 729988507680b2ce934bce61d9ce0ea7b235914c

Status affected

Version < ed93c6f68a3be06e4e0c331c6e751f462dee3932

Version 729988507680b2ce934bce61d9ce0ea7b235914c

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 3.14

Status affected

Version < 3.14

Version 0

Status unaffected

Version <= 5.4.*

Version 5.4.297

Status unaffected

Version <= 5.10.*

Version 5.10.241

Status unaffected

Version <= 5.15.*

Version 5.15.190

Status unaffected

Version <= 6.1.*

Version 6.1.147

Status unaffected

Version <= 6.6.*

Version 6.6.100

Status unaffected

Version <= 6.12.*

Version 6.12.40

Status unaffected

Version <= 6.15.*

Version 6.15.8

Status unaffected

Version <= *

Version 6.16

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.103

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/65c03e6fc524eb2868abedffd8a4613d78abc288

https://git.kernel.org/stable/c/adb7df8a8f9d788423e161b779764527dd3ec2d0

https://git.kernel.org/stable/c/076b13ee60eb01ed0d140ef261f95534562a3077

https://git.kernel.org/stable/c/f211572818ed5bec2b3f5d4e0719ef8699b3c269

https://git.kernel.org/stable/c/ed93c6f68a3be06e4e0c331c6e751f462dee3932

https://git.kernel.org/stable/c/539bdff832adac9ea653859fa0b6bc62e743329c

https://git.kernel.org/stable/c/b3c95fa508e5dc3da60520eea92a5241095ceef1

https://git.kernel.org/stable/c/d1291c69f46d6572b2cf75960dd8975d7ab2176b

https://nvd.nist.gov/vuln/detail/CVE-2025-38483

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-38483

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-38483

EUVD