{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2022-50621", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-12-08T01:14:55.189Z", "datePublished": "2025-12-08T01:16:34.861Z", "dateUpdated": "2025-12-08T01:16:34.861Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-12-08T01:16:34.861Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm: verity-loadpin: Only trust verity targets with enforcement\n\nVerity targets can be configured to ignore corrupted data blocks.\nLoadPin must only trust verity targets that are configured to\nperform some kind of enforcement when data corruption is detected,\nlike returning an error, restarting the system or triggering a\npanic."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/md/dm-verity-loadpin.c", "drivers/md/dm-verity-target.c", "drivers/md/dm-verity.h"], "versions": [{"version": "b6c1c5745ccc68ac5d57c7ffb51ea25a86d0e97b", "lessThan": "cb1f5b76e39d86c98722696bdf632987aa777b83", "status": "affected", "versionType": "git"}, {"version": "b6c1c5745ccc68ac5d57c7ffb51ea25a86d0e97b", "lessThan": "916ef6232cc4b84db7082b4c3d3cf1753d9462ba", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/md/dm-verity-loadpin.c", "drivers/md/dm-verity-target.c", "drivers/md/dm-verity.h"], "versions": [{"version": "6.0", "status": "affected"}, {"version": "0", "lessThan": "6.0", "status": "unaffected", "versionType": "semver"}, {"version": "6.0.3", "lessThanOrEqual": "6.0.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.0", "versionEndExcluding": "6.0.3"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.0", "versionEndExcluding": "6.1"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/cb1f5b76e39d86c98722696bdf632987aa777b83"}, {"url": "https://git.kernel.org/stable/c/916ef6232cc4b84db7082b4c3d3cf1753d9462ba"}], "title": "dm: verity-loadpin: Only trust verity targets with enforcement", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm: verity-loadpin: Only trust verity targets with enforcement\n\nVerity targets can be configured to ignore corrupted data blocks.\nLoadPin must only trust verity targets that are configured to\nperform some kind of enforcement when data corruption is detected,\nlike returning an error, restarting the system or triggering a\npanic."}], "id": "CVE-2022-50621", "lastModified": "2025-12-08T18:26:19.900", "metrics": {}, "published": "2025-12-08T02:15:48.000", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/916ef6232cc4b84db7082b4c3d3cf1753d9462ba"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/cb1f5b76e39d86c98722696bdf632987aa777b83"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: dm: verity-loadpin: Only trust verity targets with enforcement", "id": "2419886", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419886"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "details": ["No description is available for this CVE."], "name": "CVE-2022-50621", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-12-08T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-50621\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-50621\nhttps://lore.kernel.org/linux-cve-announce/2025120852-CVE-2022-50621-be59@gregkh/T"], "threat_severity": "Moderate"}