CVE-2025-37984

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://git.kernel.org/stable/c/921b8167f10708e38080f84e195cdc68a7a561f1", "name": "https://git.kernel.org/stable/c/921b8167f10708e38080f84e195cdc68a7a561f1", "tags": [], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/b16510a530d1e6ab9683f04f8fb34f2e0f538275", "name": "https://git.kernel.org/stable/c/b16510a530d1e6ab9683f04f8fb34f2e0f538275", "tags": [], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/f02f0218be412cff1c844addf58e002071be298b", "name": "https://git.kernel.org/stable/c/f02f0218be412cff1c844addf58e002071be298b", "tags": [], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/f2133b849ff273abddb6da622daddd8f6f6fa448", "name": "https://git.kernel.org/stable/c/f2133b849ff273abddb6da622daddd8f6f6fa448", "tags": [], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP()\n\nHerbert notes that DIV_ROUND_UP() may overflow unnecessarily if an ecdsa\nimplementation's ->key_size() callback returns an unusually large value.\nHerbert instead suggests (for a division by 8):\n\n X / 8 + !!(X & 7)\n\nBased on this formula, introduce a generic DIV_ROUND_UP_POW2() macro and\nuse it in lieu of DIV_ROUND_UP() for ->key_size() return values.\n\nAdditionally, use the macro in ecc_digits_from_bytes(), whose \"nbytes\"\nparameter is a ->key_size() return value in some instances, or a\nuser-specified ASN.1 length in the case of ecdsa_get_signature_rs()."}]}, "problemtype": {"problemtype_data": [{"description": []}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2025-37984", "ASSIGNER": "cve@kernel.org"}}, "impact": {}, "publishedDate": "2025-05-20T18:15Z", "configurations": {"nodes": [], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-07-25T14:15Z"}