CVE-2025-38483

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-38483
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38483.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-38483
Downstream
Related
Published
2025-07-28T11:21:47.895Z
Modified
2026-03-20T12:42:53.183717Z
Summary
comedi: das16m1: Fix bit shift out of bounds
Details

In the Linux kernel, the following vulnerability has been resolved:

comedi: das16m1: Fix bit shift out of bounds

When checking for a supported IRQ number, the following test is used:

/* only irqs 2, 3, 4, 5, 6, 7, 10, 11, 12, 14, and 15 are valid */
if ((1 << it->options[1]) & 0xdcfc) {

However, it->options[i] is an unchecked int value from userspace, so the shift amount could be negative or out of bounds. Fix the test by requiring it->options[1] to be within bounds before proceeding with the original test.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38483.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
729988507680b2ce934bce61d9ce0ea7b235914c
Fixed
539bdff832adac9ea653859fa0b6bc62e743329c
Fixed
d1291c69f46d6572b2cf75960dd8975d7ab2176b
Fixed
b3c95fa508e5dc3da60520eea92a5241095ceef1
Fixed
65c03e6fc524eb2868abedffd8a4613d78abc288
Fixed
adb7df8a8f9d788423e161b779764527dd3ec2d0
Fixed
076b13ee60eb01ed0d140ef261f95534562a3077
Fixed
f211572818ed5bec2b3f5d4e0719ef8699b3c269
Fixed
ed93c6f68a3be06e4e0c331c6e751f462dee3932

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38483.json"