CVE-2022-50621
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
dm: verity-loadpin: Only trust verity targets with enforcement
Verity targets can be configured to ignore corrupted data blocks. LoadPin must only trust verity targets that are configured to perform some kind of enforcement when data corruption is detected, like returning an error, restarting the system or triggering a panic.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | b6c1c5745ccc68ac5d57c7ffb51ea25a86d0e97b < cb1f5b76e39d86c98722696bdf632987aa777b83 | affected |
| Linux | Linux | b6c1c5745ccc68ac5d57c7ffb51ea25a86d0e97b < 916ef6232cc4b84db7082b4c3d3cf1753d9462ba | affected |
| Linux | Linux | 6.0 | affected |
| Linux | Linux | 0 < 6.0 | unaffected |
| Linux | Linux | 6.0.3 <= 6.0.* | unaffected |
| Linux | Linux | 6.1 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/cb1f5b76e39d86c98722696bdf632987aa777b83
- https://git.kernel.org/stable/c/916ef6232cc4b84db7082b4c3d3cf1753d9462ba
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.