CVE-2022-50621

medium

Description

In the Linux kernel, the following vulnerability has been resolved: dm: verity-loadpin: Only trust verity targets with enforcement Verity targets can be configured to ignore corrupted data blocks. LoadPin must only trust verity targets that are configured to perform some kind of enforcement when data corruption is detected, like returning an error, restarting the system or triggering a panic.

References

https://git.kernel.org/stable/c/cb1f5b76e39d86c98722696bdf632987aa777b83

https://git.kernel.org/stable/c/916ef6232cc4b84db7082b4c3d3cf1753d9462ba

Details

Source: Mitre, NVD

Published: 2025-12-08

Updated: 2025-12-08

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Severity: High

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00018