7.1

CVE-2025-38529

comedi: aio_iiro_16: Fix bit shift out of bounds

In the Linux kernel, the following vulnerability has been resolved:

comedi: aio_iiro_16: Fix bit shift out of bounds

When checking for a supported IRQ number, the following test is used:

	if ((1 << it->options[1]) & 0xdcfc) {

However, `it->options[i]` is an unchecked `int` value from userspace, so
the shift amount could be negative or out of bounds.  Fix the test by
requiring `it->options[1]` to be within bounds before proceeding with
the original test.  Valid `it->options[1]` values that select the IRQ
will be in the range [1,15]. The value 0 explicitly disables the use of
interrupts.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.0 < 5.4.297
LinuxLinux Kernel Version >= 5.5 < 5.10.241
LinuxLinux Kernel Version >= 5.11 < 5.15.190
LinuxLinux Kernel Version >= 5.16 < 6.1.147
LinuxLinux Kernel Version >= 6.2 < 6.6.100
LinuxLinux Kernel Version >= 6.7 < 6.12.40
LinuxLinux Kernel Version >= 6.13 < 6.15.8
LinuxLinux Kernel Version6.16 Updaterc1
LinuxLinux Kernel Version6.16 Updaterc2
LinuxLinux Kernel Version6.16 Updaterc3
LinuxLinux Kernel Version6.16 Updaterc4
LinuxLinux Kernel Version6.16 Updaterc5
LinuxLinux Kernel Version6.16 Updaterc6
DebianDebian Linux Version11.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.16% 0.058
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.1 1.8 5.2
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://git.kernel.org/stable/c/ff30dd3f15f443d2a0085b12ec2cc95d44f35fa7
Patch
https://git.kernel.org/stable/c/955e8835855fed8e87f7d8c8075564a1746c1b4c
Patch
https://git.kernel.org/stable/c/e0f3c0867d7d231c70984f05c97752caacd0daba
Patch
https://git.kernel.org/stable/c/43ddd82e6a91913cea1c078e782afd8de60c3a53
Patch
https://git.kernel.org/stable/c/66acb1586737a22dd7b78abc63213b1bcaa100e4
Patch
https://git.kernel.org/stable/c/5ac7c60439236fb691b8c7987390e2327bbf18fa
Patch
https://git.kernel.org/stable/c/a88692245c315bf8e225f205297a6f4b13d6856a
Patch
https://git.kernel.org/stable/c/c593215385f0c0163015cca4512ed3ff42875d19
Patch
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
Third Party Advisory
Mailing List
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
Third Party Advisory
Mailing List