You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2025 37984
About this tag
CVE-2025-37984 is a Linux kernel vulnerability involving an ECDSA hardening fix related to the DIV_ROUND_UP() function. Microsoft's MSRC entry confirms that Azure Linux ships the implicated component and should be treated as potentially affected. The vulnerability is scoped to Azure Linux, and the fix addresses a flaw in the kernel's ECDSA implementation. Discussions on WindowsForum clarify that Microsoft's attestation is product-scoped and does not rule out the possibility of other Microsoft products containing the same vulnerable upstream code. Users seeking details on this CVE will find explanations of the technical background, the affected Azure Linux product, and the nature of the kernel patch.
Microsoft’s short MSRC entry for CVE-2025-37984 — the Linux-kernel ECDSA hardening fix around DIV_ROUND_UP() — is accurate for the product it names, but it is not a categorical statement that no other Microsoft product could contain the same vulnerable upstream code; instead it is a...