kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, does not occur for a module.sig_enforce=1 command-line argument.
The product does not verify, or incorrectly verifies, the cryptographic signature for data.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Linux_kernel | Linux | 4.15 (including) | 4.19.196 (excluding) |
Linux_kernel | Linux | 4.20 (including) | 5.4.129 (excluding) |
Linux_kernel | Linux | 5.5 (including) | 5.10.47 (excluding) |
Linux_kernel | Linux | 5.11 (including) | 5.12.14 (excluding) |