VYPR
Unrated severity · NVD Advisory · Published Dec 24, 2025 · Updated Apr 15, 2026

CVE-2025-68724

Description

In the Linux kernel, the following vulnerability has been resolved:

crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id

Use check_add_overflow() to guard against potential integer overflows when adding the binary blob lengths and the size of an asymmetric_key_id structure and return ERR_PTR(-EOVERFLOW) accordingly. This prevents a possible buffer overflow when copying data from potentially malicious X.509 certificate fields that can be arbitrarily large, such as ASN.1 INTEGER serial numbers, issuer names, etc.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Integer overflow in Linux kernel's asymmetric_key_generate_id could lead to buffer overflow via crafted X.509 certificates; patched.

Vulnerability

CVE-2025-68724 is an integer overflow flaw in the Linux kernel's crypto/asymmetric_keys subsystem, specifically in the asymmetric_key_generate_id function. When constructing an asymmetric key identifier, the function adds together the lengths of binary blob fields (such as ASN.1 INTEGER serial numbers and issuer name strings) along with the size of an asymmetric_key_id structure. Without overflow protection, a maliciously crafted X.509 certificate containing unusually large fields could cause the summed length to wrap around to a small value, leading to a heap buffer overflow when copying data.

Exploitation

The attack vector is the loading of a crafted X.509 certificate into the kernel's keyring, for example through IMA or other trust validation mechanisms. An unprivileged user may be able to trigger the flaw if they can supply a malicious certificate file to a system that checks signatures or enrolls keys. No special network position is required beyond the ability to introduce a malformed certificate into the kernel's processing pipeline.

Impact

Successful exploitation could allow an attacker to corrupt kernel memory, potentially leading to arbitrary code execution with kernel privileges, a denial-of-service condition (crash), or the bypass of signature verification checks that depend on key identifiers.

Mitigation

The fix introduces the check_add_overflow() helper to detect integer overflows before they occur, returning ERR_PTR(-EOVERFLOW) upon overflow. The patch has been backported to multiple stable kernel releases as shown in the referenced commits [1][2][3][4]. Users and distributors should apply the updated kernel as soon as possible.

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
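The unchecked length sum from the Vulnerability section and the check_add_overflow() guard from the Mitigation section, as an added userspace C model that is not the kernel's own asymmetric_key_generate_id() code: the struct layout, the function names, and malloc/NULL standing in for kmalloc and ERR_PTR(-EOVERFLOW) are assumptions made for this example.

```c
/* Added model of the unchecked length sum and of the check_add_overflow()
 * fix. Userspace C, not the kernel's own code: the struct layout, names,
 * and malloc/NULL standing in for kmalloc and ERR_PTR(-EOVERFLOW) are
 * assumptions made for this example. */
#include <stdbool.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Assumed identifier layout: length header, then the concatenated blobs. */
struct key_id_model {
    size_t len;
    unsigned char data[];
};

/* Userspace stand-in for the kernel helper: evaluates true on overflow. */
#define check_add_overflow(a, b, d) __builtin_add_overflow((a), (b), (d))

/* Before the fix: size_t addition wraps silently, so huge blob lengths can
 * produce a tiny allocation that the following memcpy()s then overrun. */
size_t id_alloc_size_unchecked(size_t len_1, size_t len_2)
{
    return sizeof(struct key_id_model) + len_1 + len_2;
}

/* After the fix: each addition is checked; false here is where the kernel
 * returns ERR_PTR(-EOVERFLOW) instead of a wrapped size. */
bool id_alloc_size_checked(size_t len_1, size_t len_2, size_t *out)
{
    size_t sum;
    if (check_add_overflow(sizeof(struct key_id_model), len_1, &sum) ||
        check_add_overflow(sum, len_2, &sum))
        return false;
    *out = sum;
    return true;
}

/* Allocates and fills the identifier only when the size is sound. */
struct key_id_model *generate_id_model(const void *val_1, size_t len_1,
                                       const void *val_2, size_t len_2)
{
    struct key_id_model *kid;
    size_t size;
    if (!id_alloc_size_checked(len_1, len_2, &size) || !(kid = malloc(size)))
        return NULL;
    kid->len = len_1 + len_2;   /* cannot wrap: the sum was checked above */
    memcpy(kid->data, val_1, len_1);
    memcpy(kid->data + len_1, val_2, len_2);
    return kid;
}
```

With a blob length near SIZE_MAX the unchecked sum wraps to fewer bytes than the second blob alone, which is the allocation-smaller-than-copy condition the advisory describes; the checked path refuses the same input.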
