CVE ID : CVE-2025-37984
Published : May 20, 2025, 6:15 p.m. | 34 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
crypto: ecdsa – Harden against integer overflows in DIV_ROUND_UP()
Herbert notes that DIV_ROUND_UP() may overflow unnecessarily if an ecdsa
implementation’s ->key_size() callback returns an unusually large value.
Herbert instead suggests (for a division by 8):
X / 8 + !!(X & 7)
Based on this formula, introduce a generic DIV_ROUND_UP_POW2() macro and
use it in lieu of DIV_ROUND_UP() for ->key_size() return values.
Additionally, use the macro in ecc_digits_from_bytes(), whose “nbytes”
parameter is a ->key_size() return value in some instances, or a
user-specified ASN.1 length in the case of ecdsa_get_signature_rs().
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
