Integer Overflow Vulnerability in Linux Kernel's ECDSA Implementation
CVE-2025-37984

Currently unrated

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 20 May 2025

What is CVE-2025-37984?

A vulnerability in the Linux kernel's ECDSA implementation can lead to an integer overflow because of improper handling of key sizes. Specifically, if an ECDSA implementation's ->key_size() callback returns an unusually large value, the DIV_ROUND_UP() macro can overflow. The proposed mitigation is to replace DIV_ROUND_UP() with a new macro, DIV_ROUND_UP_POW2(), which performs the key-size calculation without overflowing. This fix matters for the integrity and security of cryptographic operations in affected versions of the Linux kernel.
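The overflow described above can be reproduced in userspace. This is an added example, not kernel code or code from this page: both macros are re-defined locally, the DIV_ROUND_UP_POW2() form shown is an assumed overflow-free formulation for a power-of-two divisor, and the helper names, the bits-to-bytes conversion and the divisor of 8 are assumptions made for illustration.

```c
#include <limits.h>
#include <stdio.h>

/* Local re-definitions for this example (assumed forms, not taken from the page). */
#define DIV_ROUND_UP(n, d)      (((n) + (d) - 1) / (d))
/* d must be a power of two. Nothing is added to n, so the result cannot wrap. */
#define DIV_ROUND_UP_POW2(n, d) ((n) / (d) + !!((n) & ((d) - 1)))

#define BITS_PER_BYTE 8u

/* Hypothetical helper: key size in bits -> bytes, using the wrapping macro. */
unsigned int bits_to_bytes_unsafe(unsigned int bits)
{
    return DIV_ROUND_UP(bits, BITS_PER_BYTE);
}

/* Hypothetical helper: same conversion with the overflow-free macro. */
unsigned int bits_to_bytes_safe(unsigned int bits)
{
    return DIV_ROUND_UP_POW2(bits, BITS_PER_BYTE);
}

/* Returns 1 when n + d - 1 wraps in unsigned arithmetic, else 0. */
int round_up_would_wrap(unsigned int n, unsigned int d)
{
    return n > UINT_MAX - (d - 1);
}

int main(void)
{
    /* Constructed inputs: two ordinary curve sizes and two near UINT_MAX. */
    unsigned int sizes[] = { 256u, 521u, UINT_MAX - 7u, UINT_MAX };
    size_t i;

    for (i = 0; i < sizeof(sizes) / sizeof(sizes[0]); i++) {
        unsigned int b = sizes[i];
        printf("bits=%u wraps=%d unsafe=%u safe=%u\n", b,
               round_up_would_wrap(b, BITS_PER_BYTE),
               bits_to_bytes_unsafe(b), bits_to_bytes_safe(b));
    }
    return 0;
}
```

For ordinary sizes both macros agree; once the input is within 7 of UINT_MAX, the unsafe form collapses to 0, and a buffer length derived from it would be far too small.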


Affected Version(s)

Linux 55779f26eab9af12474a447001bd17070f055712

Linux c6ab5c915da460c0397960af3c308386c3f3247b

Linux c6ab5c915da460c0397960af3c308386c3f3247b < 921b8167f10708e38080f84e195cdc68a7a561f1
