CVE notification received by email:

A CVE fix advisory was shipped on 2025-12-17T05:37:41Z:

Advisory link: https://errata.engineering.redhat.com/advisory/157049
Advisory synopsis: Important: kernel security update
Advisory security impact: Important
Advisory type: RHSA

SLA: 2025/12/31

This CVE impacts osc-podvm-payload and osc-dm-verity-image

NOTE: the notification doesn't list dm-verity - we apparently miss something to ensure the security scan knows about it.