CVE-2025-38483
BaseFortify

Publication date: 2025-07-28

Last updated on: 2026-01-07

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: comedi: das16m1: Fix bit shift out of bounds

When checking for a supported IRQ number, the following test is used:

    /* only irqs 2, 3, 4, 5, 6, 7, 10, 11, 12, 14, and 15 are valid */
    if ((1 << it->options[1]) & 0xdcfc) {

However, `it->options[i]` is an unchecked `int` value from userspace, so the shift amount could be negative or out of bounds. Fix the test by requiring `it->options[1]` to be within bounds before proceeding with the original test.
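The same IRQ test in its unchecked and bounds-checked forms, as an added example written for this page (not the kernel's patch); the function names and the mask macro are hypothetical:

```c
/* Added example, not the kernel's own code: the das16m1 IRQ validity test
 * as described in the CVE, first as written and then with the shift amount
 * bounded. Names irq_valid_unchecked/irq_valid_checked are hypothetical. */
#include <limits.h>
#include <stdbool.h>

/* Bitmask of the valid IRQ lines: 2, 3, 4, 5, 6, 7, 10, 11, 12, 14, 15 */
#define DAS16M1_VALID_IRQ_MASK 0xdcfc

/* The original test. `irq` is it->options[1], an int straight from
 * userspace. A negative value, or one at or above the bit width of int,
 * makes `1 << irq` undefined behaviour in C (UBSAN reports it as a
 * "shift out of bounds"); only 0 <= irq < 31 is well defined here. */
static bool irq_valid_unchecked(int irq)
{
	return (1 << irq) & DAS16M1_VALID_IRQ_MASK;
}

/* Bounds-checked form: reject anything outside the mask's bit range before
 * the shift is evaluated, so the shift amount is always 0..15, and only
 * then apply the original mask test. */
static bool irq_valid_checked(int irq)
{
	if (irq < 0 || irq > 15)
		return false;
	return (1u << irq) & DAS16M1_VALID_IRQ_MASK;
}

/* Count how many values in [lo, hi] the checked test accepts; sweeping a
 * range that extends well past 0..15 confirms that only the 11 listed
 * IRQ lines are ever admitted. */
static int count_accepted(int lo, int hi)
{
	int n = 0;
	for (int i = lo; i <= hi; i++)
		n += irq_valid_checked(i);
	return n;
}
```

The unchecked form is kept only for comparison on in-range values; the checked form is the one that is safe to call on arbitrary input.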
Meta Information
Published: 2025-07-28
Last Modified: 2026-01-07
Generated: 2026-05-07
AI Q&A: 2025-07-28
EPSS Evaluated: 2026-05-05
Source: NVD
Affected Vendors & Products
Showing 14 associated CPEs
Vendor Product Version / Range
linux linux_kernel From 3.14 (inc) to 5.4.297 (exc)
linux linux_kernel From 5.5 (inc) to 5.10.241 (exc)
linux linux_kernel From 5.11 (inc) to 5.15.190 (exc)
linux linux_kernel From 5.16 (inc) to 6.1.147 (exc)
linux linux_kernel From 6.2 (inc) to 6.6.100 (exc)
linux linux_kernel From 6.7 (inc) to 6.12.40 (exc)
linux linux_kernel From 6.13 (inc) to 6.15.8 (exc)
linux linux_kernel 6.16
linux linux_kernel 6.16
linux linux_kernel 6.16
linux linux_kernel 6.16
linux linux_kernel 6.16
linux linux_kernel 6.16
debian debian_linux 11.0
CWE
CWE-125: The product reads data past the end, or before the beginning, of the intended buffer.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a bit shift out of bounds error in the Linux kernel's comedi das16m1 driver. The code performs a bit shift operation using a value from userspace without checking if the shift amount is within valid bounds. This can lead to shifting by a negative or excessively large number, which is unsafe. The fix involves validating that the shift amount is within acceptable limits before performing the bit shift.


How can this vulnerability impact me?

Because the vulnerability involves an unchecked bit shift using user-supplied input, it could potentially lead to unexpected behavior or crashes in the kernel driver. This might be exploited to cause denial of service or other unintended effects, depending on how the driver is used.


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, update the Linux kernel to a version where the das16m1 driver has the fix for the bit shift out of bounds issue. This fix ensures that the IRQ number check validates that the shift amount is within bounds before performing the bit shift operation, preventing potential out-of-bounds shifts caused by unchecked user input.

