ghsa-p8pc-4q8f-r225
Vulnerability from github
Published
2025-05-20 18:30
Modified
2025-07-25 15:30
Details

In the Linux kernel, the following vulnerability has been resolved:

crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP()

Herbert notes that DIV_ROUND_UP() may overflow unnecessarily if an ecdsa implementation's ->key_size() callback returns an unusually large value. Herbert instead suggests (for a division by 8):

X / 8 + !!(X & 7)

Based on this formula, introduce a generic DIV_ROUND_UP_POW2() macro and use it in lieu of DIV_ROUND_UP() for ->key_size() return values.

Additionally, use the macro in ecc_digits_from_bytes(), whose "nbytes" parameter is a ->key_size() return value in some instances, or a user-specified ASN.1 length in the case of ecdsa_get_signature_rs().

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2025-37984"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-20T18:15:45Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP()\n\nHerbert notes that DIV_ROUND_UP() may overflow unnecessarily if an ecdsa\nimplementation\u0027s -\u003ekey_size() callback returns an unusually large value.\nHerbert instead suggests (for a division by 8):\n\n  X / 8 + !!(X \u0026 7)\n\nBased on this formula, introduce a generic DIV_ROUND_UP_POW2() macro and\nuse it in lieu of DIV_ROUND_UP() for -\u003ekey_size() return values.\n\nAdditionally, use the macro in ecc_digits_from_bytes(), whose \"nbytes\"\nparameter is a -\u003ekey_size() return value in some instances, or a\nuser-specified ASN.1 length in the case of ecdsa_get_signature_rs().",
  "id": "GHSA-p8pc-4q8f-r225",
  "modified": "2025-07-25T15:30:26Z",
  "published": "2025-05-20T18:30:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-37984"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/921b8167f10708e38080f84e195cdc68a7a561f1"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b16510a530d1e6ab9683f04f8fb34f2e0f538275"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f02f0218be412cff1c844addf58e002071be298b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f2133b849ff273abddb6da622daddd8f6f6fa448"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.