-

CVE-2025-38530

EPSS 0.04%
Veröffentlicht 16.08.2025 11:12:23
Zuletzt bearbeitet 28.08.2025 15:15:51
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

comedi: pcl812: Fix bit shift out of bounds

When checking for a supported IRQ number, the following test is used:

	if ((1 << it->options[1]) & board->irq_bits) {

However, `it->options[i]` is an unchecked `int` value from userspace, so
the shift amount could be negative or out of bounds.  Fix the test by
requiring `it->options[1]` to be within bounds before proceeding with
the original test.  Valid `it->options[1]` values that select the IRQ
will be in the range [1,15]. The value 0 explicitly disables the use of
interrupts.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 11

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 374d9b3eb4b08407997ef1fce96119d31e0c0bc4

Version fcdb427bc7cf5e9e5d7280cf09c08dec49b49432

Status affected

Version < 0489c30d080f07cc7f09d04de723d8c2ccdb61ef

Version fcdb427bc7cf5e9e5d7280cf09c08dec49b49432

Status affected

Version < 29ef03e5b84431171d6b77b822985b54bc44b793

Version fcdb427bc7cf5e9e5d7280cf09c08dec49b49432

Status affected

Version < 5bfa301e1e59a9b1a7b62a800b54852337c97416

Version fcdb427bc7cf5e9e5d7280cf09c08dec49b49432

Status affected

Version < 7e470d8efd10725b189ca8951973a8425932398a

Version fcdb427bc7cf5e9e5d7280cf09c08dec49b49432

Status affected

Version < a27e27eee313fe1c450b6af1e80e64412546cab4

Version fcdb427bc7cf5e9e5d7280cf09c08dec49b49432

Status affected

Version < 16c173abee315953fd17a279352fec4a1faee862

Version fcdb427bc7cf5e9e5d7280cf09c08dec49b49432

Status affected

Version < b14b076ce593f72585412fc7fd3747e03a5e3632

Version fcdb427bc7cf5e9e5d7280cf09c08dec49b49432

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 2.6.30

Status affected

Version < 2.6.30

Version 0

Status unaffected

Version <= 5.4.*

Version 5.4.297

Status unaffected

Version <= 5.10.*

Version 5.10.241

Status unaffected

Version <= 5.15.*

Version 5.15.190

Status unaffected

Version <= 6.1.*

Version 6.1.147

Status unaffected

Version <= 6.6.*

Version 6.6.100

Status unaffected

Version <= 6.12.*

Version 6.12.40

Status unaffected

Version <= 6.15.*

Version 6.15.8

Status unaffected

Version <= *

Version 6.16

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.088

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/5bfa301e1e59a9b1a7b62a800b54852337c97416

https://git.kernel.org/stable/c/7e470d8efd10725b189ca8951973a8425932398a

https://git.kernel.org/stable/c/a27e27eee313fe1c450b6af1e80e64412546cab4

https://git.kernel.org/stable/c/16c173abee315953fd17a279352fec4a1faee862

https://git.kernel.org/stable/c/b14b076ce593f72585412fc7fd3747e03a5e3632

https://git.kernel.org/stable/c/0489c30d080f07cc7f09d04de723d8c2ccdb61ef

https://git.kernel.org/stable/c/29ef03e5b84431171d6b77b822985b54bc44b793

https://git.kernel.org/stable/c/374d9b3eb4b08407997ef1fce96119d31e0c0bc4

https://nvd.nist.gov/vuln/detail/CVE-2025-38530

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-38530

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-38530

EUVD