CVE-2024-58008

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-58008

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-58008.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-58008

Downstream

BELL-CVE-2024-58008

DEBIAN-CVE-2024-58008

UBUNTU-CVE-2024-58008

USN-7521-1

USN-7521-3

Related

USN-7521-2

Published

2025-02-27T03:15:11Z

Modified

2025-08-09T20:01:27Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

KEYS: trusted: dcp: fix improper sg use with CONFIGVMAPSTACK=y

With vmalloc stack addresses enabled (CONFIGVMAPSTACK=y) DCP trusted keys can crash during en- and decryption of the blob encryption key via the DCP crypto driver. This is caused by improperly using sginitone() with vmalloc'd stack buffers (plainkeyblob).

Fix this by always using kmalloc() for buffers we give to the DCP crypto driver.

References

Affected packages