Linux · Linux Kernel · CVE-2025-37984
**Name of the Vulnerable Software and Affected Versions**
Linux kernel (affected versions not specified)
**Description**
A vulnerability in the Linux kernel has been resolved, specifically in the crypto: ecdsa component. The issue arises from potential integer overflows in the `DIV_ROUND_UP()` macro, which can occur if an ecdsa implementation's `->key_size()` callback returns an unusually large value. To address this, a new macro called `DIV_ROUND_UP_POW2()` has been introduced to replace `DIV_ROUND_UP()` for `->key_size()` return values, providing a more robust calculation method. This macro is also used in the `ecc_digits_from_bytes()` function, where the "nbytes" parameter can be a `->key_size()` return value or a user-specified ASN.1 length.
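The following is an added example, not code from the kernel or from this advisory. It contrasts the classic round-up division form with an overflow-free form for power-of-two divisors. The function names and the bytes-to-64-bit-digits scenario are assumptions for illustration, and the sample inputs are constructed.

```c
#include <limits.h>
#include <stdio.h>

/* The classic round-up division form, (n + d - 1) / d.
 * The addition wraps to a small value when n > UINT_MAX - (d - 1). */
static unsigned int div_round_up_naive(unsigned int n, unsigned int d)
{
	return (n + d - 1) / d;
}

/* Overflow-free form for power-of-two divisors: divide first, then add 1
 * if any remainder bits are set. Illustrative; not the kernel's macro text. */
static unsigned int div_round_up_pow2(unsigned int n, unsigned int d)
{
	return n / d + !!(n & (d - 1));
}

/* Hypothetical helpers: 64-bit digits needed to hold nbytes bytes. */
static unsigned int ndigits_naive(unsigned int nbytes)
{
	return div_round_up_naive(nbytes, 8);
}

static unsigned int ndigits_safe(unsigned int nbytes)
{
	return div_round_up_pow2(nbytes, 8);
}

/* Returns 1 if both forms agree for every n in [0, limit]. */
static int forms_agree_up_to(unsigned int limit)
{
	for (unsigned int n = 0; n <= limit; n++)
		if (ndigits_naive(n) != ndigits_safe(n))
			return 0;
	return 1;
}

int main(void)
{
	/* Constructed inputs: P-256/P-384/P-521 byte lengths, then extremes. */
	unsigned int samples[] = { 32, 48, 66, UINT_MAX - 7, UINT_MAX - 6, UINT_MAX };

	for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
		printf("nbytes=%10u naive=%10u safe=%10u\n", samples[i],
		       ndigits_naive(samples[i]), ndigits_safe(samples[i]));
	printf("agree for 0..4096: %d\n", forms_agree_up_to(4096));
	return 0;
}
```

For realistic key lengths the two forms return the same count; only within `d - 1` of the type's maximum does the first form wrap and report a digit count of 0, which is the case a hardened length calculation has to rule out.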
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.