PT-2025-52917 · Linux+4 · Linux Kernel+4

Published

2025-10-23

·

Updated

2026-06-16

·

CVE-2025-68724

CVSS v2.0

4.6

Medium

VectorAV:L/AC:L/Au:S/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description An integer overflow issue exists in the Linux kernel's asymmetric key handling. Specifically, a potential overflow can occur when adding binary blob lengths and the size of an asymmetric key id structure. This could lead to a buffer overflow when processing data from potentially malicious X.509 certificate fields, such as ASN.1 INTEGER serial numbers or issuer names. The check add overflow() function is used to prevent this overflow by returning an error if an overflow is detected.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-190CWE-189

Related Identifiers

ALSA-2026:13577
ALSA-2026:13578
ALSA-2026:19569
ALSA-2026:21556
AZL-73159
BDU:2026-01154
CVE-2025-68724
ECHO-32A6-0081-C574
OESA-2026-1759
OESA-2026-1760
OESA-2026-1761
OPENSUSE-SU-2026:10039-1
OPENSUSE-SU-2026:10301-1
OPENSUSE-SU-2026:20145-1
RHSA-2026:13577
RHSA-2026:13578
RHSA-2026:19569
RHSA-2026:21556
SUSE-SU-2026:0278-1
SUSE-SU-2026:0281-1
SUSE-SU-2026:0293-1
SUSE-SU-2026:0315-1
SUSE-SU-2026:1078-1
SUSE-SU-2026:20207-1
SUSE-SU-2026:20220-1
SUSE-SU-2026:20228-1
SUSE-SU-2026:20477-1
SUSE-SU-2026:20498-1
SUSE-SU-2026:20845-1
SUSE-SU-2026:20876-1
USN-8094-1
USN-8094-2
USN-8094-3
USN-8094-4
USN-8094-5
USN-8096-1
USN-8096-2
USN-8096-3
USN-8096-4
USN-8096-5
USN-8116-1
USN-8141-1
USN-8152-1
USN-8163-1
USN-8163-2
USN-8179-1
USN-8179-2
USN-8179-3
USN-8179-4
USN-8184-1
USN-8185-1
USN-8185-2
USN-8203-1
USN-8204-1
USN-8243-1
USN-8258-1
USN-8260-1
USN-8261-1
USN-8265-1
USN-8440-1

Affected Products

Debian
Linuxmint
Linux Kernel
Rocky Linux
Ubuntu