Linux Kernel Comedi DAS16M1 Bit Shift Vulnerability in IRQ Number Validation

Vulnerability

A vulnerability in the Linux kernel's Comedi driver for the DAS16M1 device allows for improper handling of interrupt request (IRQ) numbers. The issue arises because the IRQ validation test uses an unchecked integer value from userspace, which can lead to negative or out-of-bounds shift amounts. This flaw has been addressed by modifying the validation process to ensure the IRQ number is within acceptable limits before performing the original test.

Impact

Exploitation of this vulnerability could lead to incorrect IRQ handling, potentially causing disruptions in device communication or functionality.

Added: Jul 28, 2025, 12:53 PM

Updated: Jul 28, 2025, 12:53 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.3

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.3

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Comedi DAS16M1 Bit Shift Vulnerability in IRQ Number Validation

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating