Linux · Linux Kernel · CVE-2021-35039
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions prior to 5.12.14
**Description**
The Linux kernel mishandles signature verification of kernel modules. This could allow an attacker to impact the confidentiality, integrity, and availability of protected information. The problem occurs when the `module.sig_enforce=1` command-line argument is used without `CONFIG_MODULE_SIG`: the kernel then does not verify that a module is signed before loading it via `init_module`.
**Recommendations**
For Linux kernel versions prior to 5.12.14, update to version 5.12.14 or later to resolve the issue. As a temporary workaround, consider enabling `CONFIG_MODULE_SIG` to ensure signature verification for kernel modules. Restrict the use of the `module.sig_enforce=1` command-line argument until the update is applied.
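
One way to check a host for the condition described above, as an added example (not part of the original advisory or of the kernel project): a shell script that reports whether `module.sig_enforce` is requested on the boot line while the kernel was built without `CONFIG_MODULE_SIG`. The function names, verdict words and config file paths are assumptions of this example, and the sample input is constructed.

```shell
#!/bin/sh
# Added example: classify a host against the CVE-2021-35039 conditions.

# version_lt A B: true if kernel release A is older than B (x.y.z compared numerically).
version_lt() {
    a=$(printf '%s\n' "$1" | sed 's/[^0-9.].*//')   # drop "-generic", "-rc1", ...
    [ "$a" != "$2" ] && [ "$(printf '%s\n%s\n' "$a" "$2" |
        sort -t. -k1,1n -k2,2n -k3,3n | head -n1)" = "$a" ]
}

# cmdline_enforces CMDLINE: true if the boot line asks for signature enforcement.
# "=y" and the bare parameter are other spellings of a true boolean parameter.
cmdline_enforces() {
    case " $1 " in
        *" module.sig_enforce=1 "*|*" module.sig_enforce=y "*|*" module.sig_enforce "*)
            return 0 ;;
    esac
    return 1
}

# config_has_module_sig CONFIG_TEXT: true if the kernel was built with CONFIG_MODULE_SIG=y.
config_has_module_sig() {
    printf '%s\n' "$1" | grep -q '^CONFIG_MODULE_SIG=y$'
}

# assess RELEASE CMDLINE CONFIG_TEXT: print a one-word verdict.
assess() {
    if ! cmdline_enforces "$2"; then echo "not-applicable"   # enforcement not requested
    elif config_has_module_sig "$3"; then echo "enforced"    # signatures are checked
    elif version_lt "$1" 5.12.14; then echo "exposed"        # flag set, no verification
    else echo "fixed-version"                                # 5.12.14 or later
    fi
}

# check_host: run assess on the live system. The config paths are assumptions
# (common distro locations); distro kernels may also carry backported fixes.
check_host() {
    cfg=$(cat "/boot/config-$(uname -r)" 2>/dev/null || zcat /proc/config.gz 2>/dev/null)
    [ -n "$cfg" ] || { echo "unknown-config"; return 2; }
    assess "$(uname -r)" "$(cat /proc/cmdline)" "$cfg"
}

# Constructed sample input, not taken from a real host.
assess "5.10.0-8-amd64" "BOOT_IMAGE=/vmlinuz root=/dev/sda1 ro module.sig_enforce=1" \
    "# CONFIG_MODULE_SIG is not set"
```

Call `check_host` on a running system to apply the same logic to its release string, `/proc/cmdline` and kernel config.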