Acknowledged
Created: Jul 28, 2025
Updated: Jan 7, 2026
Resolved Date: Jul 29, 2025
Found In Version: 10.25.33.1
Severity: Standard
Applicable for: Wind River Linux LTS 25
Component/s: Kernel
In the Linux kernel, the following vulnerability has been resolved:EOL][EOL]comedi: das16m1: Fix bit shift out of bounds[EOL][EOL]When checking for a supported IRQ number, the following test is used:[EOL][EOL]\t/* only irqs 2, 3, 4, 5, 6, 7, 10, 11, 12, 14, and 15 are valid */[EOL]\tif ((1 << it->options[1]) & 0xdcfc) {[EOL][EOL]However, `it->options[i]` is an unchecked `int` value from userspace, so[EOL]the shift amount could be negative or out of bounds. Fix the test by[EOL]requiring `it->options[1]` to be within bounds before proceeding with[EOL]the original test.
CREATE(Triage):(User=admin) [CVE-2025-38483 (https://nvd.nist.gov/vuln/detail/CVE-2025-38483)
