CVE-2025-38529

Updated: 2026-02-27 04:27:43.551079

Description:

In the Linux kernel, the following vulnerability has been resolved: comedi: aio_iiro_16: Fix bit shift out of bounds When checking for a supported IRQ number, the following test is used: if ((1 << it->options[1]) & 0xdcfc) { However, `it->options[i]` is an unchecked `int` value from userspace, so the shift amount could be negative or out of bounds. Fix the test by requiring `it->options[1]` to be within bounds before proceeding with the original test. Valid `it->options[1]` values that select the IRQ will be in the range [1,15]. The value 0 explicitly disables the use of interrupts.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0.0
CVSS Version 3.x HIGH 7.1

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement
AlmaLinux 9.2 ESU kernel 5.14.0 7.1 HIGH Not Vulnerable 2026-01-12 17:45:36 CVE-2025-38529 is confined to the Linux COMEDI aio_iiro_16 driver (I/O Products PC/104 IIRO16 board)...
CentOS 8.4 ELS kernel 4.18.0 7.1 HIGH Not Vulnerable 2026-01-27 15:01:18 CVE-2025-38529 affects only the Comedi aio_iiro_16 driver in the Linux kernel; it is exploitable via...
CentOS 8.5 ELS kernel 4.18.0 7.1 HIGH Not Vulnerable 2026-01-27 15:01:19 CVE-2025-38529 affects only the Comedi aio_iiro_16 driver in the Linux kernel; it is exploitable via...
CentOS Stream 8 ELS kernel 4.18.0 7.1 HIGH Released CLSA-2026:1770032032 2026-02-02 15:05:08
Oracle Linux 7 ELS kernel-uek 5.4.17 7.1 HIGH Released CLSA-2025:1764085382 2025-11-25 20:35:14
TuxCare 9.6 ESU kernel 5.14.0 7.1 HIGH Not Vulnerable 2026-01-12 17:45:37 CVE-2025-38529 is confined to the Linux COMEDI aio_iiro_16 driver (I/O Products PC/104 IIRO16 board)...
Ubuntu 16.04 ELS linux-hwe 4.15.0 7.1 HIGH Needs Triage 2026-01-08 06:32:39
Ubuntu 16.04 ELS linux 4.4.0 7.1 HIGH Needs Triage 2026-01-08 06:45:33
Ubuntu 18.04 ELS linux 4.15.0 7.1 HIGH Needs Triage 2026-01-08 06:45:31
Ubuntu 20.04 ELS linux 5.4.0 7.1 HIGH In Testing 2026-02-05 13:17:48