CVE-2024-36031
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-36031
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-36031.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-36031
- Downstream
- Related
- Published
- 2024-05-30T15:23:46.831Z
- Modified
- 2025-11-27T02:32:11.253039Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- keys: Fix overwrite of key expiration on instantiation
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
keys: Fix overwrite of key expiration on instantiation
The expiry time of a key is unconditionally overwritten during instantiation, defaulting to turn it permanent. This causes a problem for DNS resolution as the expiration set by user-space is overwritten to TIME64MAX, disabling further DNS updates. Fix this by restoring the condition that keyset_expiry is only called when the pre-parser sets a specific expiry.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/blob/cc431b3424123d84bcd7afd4de150b33f117a8ef/cves/2024/36xxx/CVE-2024-36031.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/25777f3f4e1f371d16a594925f31e37ce07b6ec7
- https://git.kernel.org/stable/c/939a08bcd4334bad4b201e60bd0ae1f278d71d41
- https://git.kernel.org/stable/c/9da27fb65a14c18efd4473e2e82b76b53ba60252
- https://git.kernel.org/stable/c/ad2011ea787928b2accb5134f1e423b11fe80a8a
- https://git.kernel.org/stable/c/cc219cb8afbc40ec100c0de941047bb29373126a
- https://git.kernel.org/stable/c/e4519a016650e952ad9eb27937f8c447d5a4e06d
- https://git.kernel.org/stable/c/ed79b93f725cd0da39a265dc23d77add1527b9be
- https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced97be1e865e70e5a0ad0a5b5f5dca5031ca0b53acFixedad2011ea787928b2accb5134f1e423b11fe80a8a
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced2552b32b0b349df160a509fe49f5f308cb922f2bFixeded79b93f725cd0da39a265dc23d77add1527b9be
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced791d5409cdb974c31a1bc7a903ea729ddc7d83dfFixede4519a016650e952ad9eb27937f8c447d5a4e06d
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedafc360e8a1256acb7579a6f5b6f2c30b85b39301Fixed25777f3f4e1f371d16a594925f31e37ce07b6ec7
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced39299bdd2546688d92ed9db4948f6219ca1b9542Fixed939a08bcd4334bad4b201e60bd0ae1f278d71d41
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced39299bdd2546688d92ed9db4948f6219ca1b9542Fixedcc219cb8afbc40ec100c0de941047bb29373126a
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced39299bdd2546688d92ed9db4948f6219ca1b9542Fixed9da27fb65a14c18efd4473e2e82b76b53ba60252
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.10.217
- Type
- ECOSYSTEM
- Events
-
Introduced5.11.0Fixed5.15.159
- Type
- ECOSYSTEM
- Events
-
Introduced5.16.0Fixed6.1.91
- Type
- ECOSYSTEM
- Events
-
Introduced6.2.0Fixed6.6.31
- Type
- ECOSYSTEM
- Events
-
Introduced6.7.0Fixed6.8.10
- Type
- ECOSYSTEM
- Events
-
Introduced6.7.0Fixed6.9.1