CVE Vulnerabilities

CVE-2025-47827

Improper Verification of Cryptographic Signature

Published: Jun 05, 2025 | Modified: Jun 10, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
root.io minimus.io echohq.com

In IGEL OS before 11, Secure Boot can be bypassed because the igel-flash-driver module improperly verifies a cryptographic signature. Ultimately, a crafted root filesystem can be mounted from an unverified SquashFS image.

Weakness

The product does not verify, or incorrectly verifies, the cryptographic signature for data.

References