CVE-2025-37984
Vulnerability Summary
Timeline
Description
In the Linux kernel, the following vulnerability has been resolved: crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP() Herbert notes that DIV_ROUND_UP() may overflow unnecessarily if an ecdsa implementation's ->key_size() callback returns an unusually large value. Herbert instead suggests (for a division by 8): X / 8 + !!(X & 7) Based on this formula, introduce a generic DIV_ROUND_UP_POW2() macro and use it in lieu of DIV_ROUND_UP() for ->key_size() return values. Additionally, use the macro in ecc_digits_from_bytes(), whose "nbytes" parameter is a ->key_size() return value in some instances, or a user-specified ASN.1 length in the case of ecdsa_get_signature_rs().
CVSS Metrics
- v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Trends
Current EPSS score: 0.08%• Percentile: 24%
Techniques & Countermeasures
- CWE-190•Integer Overflow or Wraparound
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.
Affected Systems
- linux•linux
≥ 55779f26eab9af12474a447001bd17070f055712, < f02f0218be412cff1c844addf58e002071be298b | ≥ c6ab5c915da460c0397960af3c308386c3f3247b, < f2133b849ff273abddb6da622daddd8f6f6fa448 | ≥ c6ab5c915da460c0397960af3c308386c3f3247b, < 921b8167f10708e38080f84e195cdc68a7a561f1 | ≥ c6ab5c915da460c0397960af3c308386c3f3247b, < b16510a530d1e6ab9683f04f8fb34f2e0f538275 | ≥ 6.6.70, < 6.6.99 | 6.10
- linux•linux_kernel
≥ 6.6.70, < 6.6.99 | ≥ 6.10, < 6.12.39 | ≥ 6.13, < 6.14.5