CVE-2022-50621

In the Linux kernel, the following vulnerability has been resolved:

dm: verity-loadpin: Only trust verity targets with enforcement

Verity targets can be configured to ignore corrupted data blocks.
LoadPin must only trust verity targets that are configured to
perform some kind of enforcement when data corruption is detected,
like returning an error, restarting the system or triggering a
panic.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
LinuxCNA
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Vulnerability Media Exposure
References
https://git.kernel.org/stable/c/916ef6232cc4b84db7082b4c3d3cf1753d9462ba
https://git.kernel.org/stable/c/cb1f5b76e39d86c98722696bdf632987aa777b83