CVE-2024-58008

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-58008
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-58008.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-58008
Downstream
Related
Published
2025-02-27T02:12:04.100Z
Modified
2026-03-09T23:57:24.795668Z
Summary
KEYS: trusted: dcp: fix improper sg use with CONFIG_VMAP_STACK=y
Details

In the Linux kernel, the following vulnerability has been resolved:

KEYS: trusted: dcp: fix improper sg use with CONFIGVMAPSTACK=y

With vmalloc stack addresses enabled (CONFIGVMAPSTACK=y) DCP trusted keys can crash during en- and decryption of the blob encryption key via the DCP crypto driver. This is caused by improperly using sginitone() with vmalloc'd stack buffers (plainkeyblob).

Fix this by always using kmalloc() for buffers we give to the DCP crypto driver.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/58xxx/CVE-2024-58008.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
0e28bf61a5f9ab30be3f3b4eafb8d097e39446bb
Fixed
3192f1c54dddb9b5820bf5e8677809949d8e9c66
Fixed
3355594de46fb1cba663f12b9644b664b8a609f4
Fixed
e8d9fab39d1f87b52932646b2f1e7877aa3fc0f4
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
9e3b266afcfe4294e84496f50f006f029d3100db

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-58008.json"