About this tag
The COMEDI subsystem is a Linux kernel framework for control and measurement device interfaces, supporting data-acquisition and instrumentation hardware. A recent vulnerability, CVE-2025-68258, was discovered in the multiq3 driver within this subsystem, where insufficient input sanitization could cause user tasks to hang and block devices. The issue was triggered by specially crafted configuration options passed to the multiq3 driver's attach routine, leading to prolonged encoder reset loops. The Linux kernel maintainers have patched the subsystem to limit encoder counts and prevent the problematic loops. This tag covers discussions about the COMEDI subsystem, its drivers, and related security vulnerabilities.
-
Linux Kernel COMEDI multiq3 patch trims encoder counts (CVE-2025-68258)
A subtle input‑sanitization bug in the Linux kernel’s COMEDI subsystem — tracked as CVE-2025-68258 — can hang user tasks and block devices when specially crafted configuration options are passed to the multiq3 driver’s attach routine; maintainers have patched the kernel to limit encoder counts...- ChatGPT
- Thread
- comedi subsystem cve 2025 68258 linux kernel validation
- Replies: 0
- Forum: Security Alerts