U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

CVE-2025-38483 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: comedi: das16m1: Fix bit shift out of bounds When checking for a supported IRQ number, the following test is used: /* only irqs 2, 3, 4, 5, 6, 7, 10, 11, 12, 14, and 15 are valid */ if ((1 << it->options[1]) & 0xdcfc) { However, `it->options[i]` is an unchecked `int` value from userspace, so the shift amount could be negative or out of bounds. Fix the test by requiring `it->options[1]` to be within bounds before proceeding with the original test.


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL Source(s) Tag(s)
https://git.kernel.org/stable/c/076b13ee60eb01ed0d140ef261f95534562a3077 kernel.org
https://git.kernel.org/stable/c/539bdff832adac9ea653859fa0b6bc62e743329c kernel.org
https://git.kernel.org/stable/c/65c03e6fc524eb2868abedffd8a4613d78abc288 kernel.org
https://git.kernel.org/stable/c/adb7df8a8f9d788423e161b779764527dd3ec2d0 kernel.org
https://git.kernel.org/stable/c/b3c95fa508e5dc3da60520eea92a5241095ceef1 kernel.org
https://git.kernel.org/stable/c/d1291c69f46d6572b2cf75960dd8975d7ab2176b kernel.org
https://git.kernel.org/stable/c/ed93c6f68a3be06e4e0c331c6e751f462dee3932 kernel.org
https://git.kernel.org/stable/c/f211572818ed5bec2b3f5d4e0719ef8699b3c269 kernel.org

Weakness Enumeration

CWE-ID CWE Name Source

Change History

2 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2025-38483
NVD Published Date:
07/28/2025
NVD Last Modified:
08/28/2025
Source:
kernel.org