Linux Kernel QAT RSA Request Integer Underflow Vulnerability

Vulnerability

A vulnerability in the Linux kernel's Crypto QAT (QuickAssist Technology) component could lead to an integer underflow. This issue arises when RSAReject requests contain a source buffer larger than the key size, allowing for improper copying of the source scatterlist into a linear buffer. The vulnerability has been addressed by adding parameter checks to reject such requests.

Impact

Exploitation of this vulnerability could cause an integer underflow, potentially leading to memory corruption or other unintended behavior.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel QAT RSA Request Integer Underflow Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating