CVE-2024-36031

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-36031
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-36031.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-36031
Downstream
Related
Published
2024-05-30T15:23:46Z
Modified
2025-10-17T07:33:06.046689Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
keys: Fix overwrite of key expiration on instantiation
Details

In the Linux kernel, the following vulnerability has been resolved:

keys: Fix overwrite of key expiration on instantiation

The expiry time of a key is unconditionally overwritten during instantiation, defaulting to turn it permanent. This causes a problem for DNS resolution as the expiration set by user-space is overwritten to TIME64MAX, disabling further DNS updates. Fix this by restoring the condition that keyset_expiry is only called when the pre-parser sets a specific expiry.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
97be1e865e70e5a0ad0a5b5f5dca5031ca0b53ac
Fixed
ad2011ea787928b2accb5134f1e423b11fe80a8a
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
2552b32b0b349df160a509fe49f5f308cb922f2b
Fixed
ed79b93f725cd0da39a265dc23d77add1527b9be
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
791d5409cdb974c31a1bc7a903ea729ddc7d83df
Fixed
e4519a016650e952ad9eb27937f8c447d5a4e06d
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
afc360e8a1256acb7579a6f5b6f2c30b85b39301
Fixed
25777f3f4e1f371d16a594925f31e37ce07b6ec7
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
39299bdd2546688d92ed9db4948f6219ca1b9542
Fixed
939a08bcd4334bad4b201e60bd0ae1f278d71d41
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
39299bdd2546688d92ed9db4948f6219ca1b9542
Fixed
cc219cb8afbc40ec100c0de941047bb29373126a
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
39299bdd2546688d92ed9db4948f6219ca1b9542
Fixed
9da27fb65a14c18efd4473e2e82b76b53ba60252

Affected versions

v5.*

v5.10.206
v5.10.207
v5.10.208
v5.10.209
v5.10.210
v5.10.211
v5.10.212
v5.10.213
v5.10.214
v5.10.215
v5.10.216
v5.15.146
v5.15.147
v5.15.148
v5.15.149
v5.15.150
v5.15.151
v5.15.152
v5.15.153
v5.15.154
v5.15.155
v5.15.156
v5.15.157
v5.15.158

v6.*

v6.1.70
v6.1.71
v6.1.72
v6.1.73
v6.1.74
v6.1.75
v6.1.76
v6.1.77
v6.1.78
v6.1.79
v6.1.80
v6.1.81
v6.1.82
v6.1.83
v6.1.84
v6.1.85
v6.1.86
v6.1.87
v6.1.88
v6.1.89
v6.1.90
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.6.29
v6.6.30
v6.6.9
v6.7
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.8.1
v6.8.2
v6.8.3
v6.8.4
v6.8.5
v6.8.6
v6.8.7
v6.8.8
v6.8.9
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.10.217
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.159
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.91
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.31
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.8.10
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.9.1