Medium severity5.5NVD Advisory· Published Feb 27, 2025· Updated Jun 17, 2026
CVE-2024-58008
CVE-2024-58008
Description
In the Linux kernel, the following vulnerability has been resolved:
KEYS: trusted: dcp: fix improper sg use with CONFIG_VMAP_STACK=y
With vmalloc stack addresses enabled (CONFIG_VMAP_STACK=y) DCP trusted keys can crash during en- and decryption of the blob encryption key via the DCP crypto driver. This is caused by improperly using sg_init_one() with vmalloc'd stack buffers (plain_key_blob).
Fix this by always using kmalloc() for buffers we give to the DCP crypto driver.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- osv-coords2 versions
< 6.11.0-1014.15+ 1 more
- (no CPE)range: < 6.11.0-1014.15
- (no CPE)range: >= 6.11.0, < 6.12.14
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.