Out-of-bounds Shift Vulnerability in Linux Kernel Affecting Comedi Driver
CVE-2025-38483

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 28 July 2025

What is CVE-2025-38483?

A vulnerability exists in the Linux kernel's Comedi driver that can allow an attacker to trigger a bit shift operation using unchecked user-supplied input. Specifically, the potential for an out-of-bounds shift arises from validation issues around the IRQ number, which could lead to unexpected behavior or exploitation. Developers are urged to implement strict input validation to ensure that the shift amount is within the valid range before performing any operations.

Affected Version(s)

Linux 729988507680b2ce934bce61d9ce0ea7b235914c < 65c03e6fc524eb2868abedffd8a4613d78abc288

Linux 729988507680b2ce934bce61d9ce0ea7b235914c

Linux 729988507680b2ce934bce61d9ce0ea7b235914c < 076b13ee60eb01ed0d140ef261f95534562a3077

References

https://git.kernel.org/stable/c/65c03e6fc524eb2868abedffd...

https://git.kernel.org/stable/c/adb7df8a8f9d788423e161b77...

https://git.kernel.org/stable/c/076b13ee60eb01ed0d140ef26...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 28, 2025
Vulnerability Reserved
Apr 16, 2025