mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-30 18:56:19 +00:00
1.3 KiB
1.3 KiB
CVE-2025-38482
Description
In the Linux kernel, the following vulnerability has been resolved:comedi: das6402: Fix bit shift out of boundsWhen checking for a supported IRQ number, the following test is used: /* IRQs 2,3,5,6,7, 10,11,15 are valid for "enhanced" mode */ if ((1 << it->options[1]) & 0x8cec) {However, it->options[i] is an unchecked int value from userspace, sothe shift amount could be negative or out of bounds. Fix the test byrequiring it->options[1] to be within bounds before proceeding withthe original test. Valid it->options[1] values that select the IRQwill be in the range [1,15]. The value 0 explicitly disables the use ofinterrupts.
POC
Reference
No PoCs from references.