Acknowledged
Created: Nov 2, 2025
Updated: Nov 4, 2025
Found In Version: 10.22.33.1
Severity: Standard
Applicable for: Wind River Linux LTS 22
Component/s: Kernel
In the Linux kernel, the following vulnerability has been resolved:[EOL][EOL]comedi: fix divide-by-zero in comedi_buf_munge()[EOL][EOL]The comedi_buf_munge() function performs a modulo operation[EOL]`async->munge_chan %= async->cmd.chanlist_len` without first[EOL]checking if chanlist_len is zero. If a user program submits a command with[EOL]chanlist_len set to zero, this causes a divide-by-zero error when the device[EOL]processes data in the interrupt handler path.[EOL][EOL]Add a check for zero chanlist_len at the beginning of the[EOL]function, similar to the existing checks for !map and[EOL]CMDF_RAWDATA flag. When chanlist_len is zero, update[EOL]munge_count and return early, indicating the data was[EOL]handled without munging.[EOL][EOL]This prevents potential kernel panics from malformed user commands.
