Import Source
https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-65922.json
JSON Data
https://api.test.osv.dev/v1/vulns/AZL-65922
Upstream
Published
2025-07-28T12:15:29Z
Modified
2026-04-01T05:20:40.092527Z
Summary
CVE-2025-38481 affecting package kernel for versions less than 6.6.104.2-1
Details

In the Linux kernel, the following vulnerability has been resolved:

comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large

The handling of the COMEDI_INSNLIST ioctl allocates a kernel buffer to hold the array of struct comedi_insn, getting the length from the n_insns member of the struct comedi_insnlist supplied by the user. The allocation will fail with a WARNING and a stack dump if it is too large.

Avoid that by failing with an -EINVAL error if the supplied n_insns value is unreasonable.

Define the limit on the n_insns value in the MAX_INSNS macro. Set this to the same value as MAX_SAMPLES (65536), which is the maximum allowed sum of the values of the member n in the array of struct comedi_insn, and sensible comedi instructions will have an n of at least 1.

References

Affected packages

Azure Linux:3 / kernel

Package

Name
kernel
Purl
pkg:rpm/azure-linux/kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
6.6.104.2-1

Database specific

source
"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-65922.json"