CVE-2024-36031 - Vulnerability Details

Vendors	Products
Linux	Linux Kernel
Redhat	Enterprise Linux

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 9
kernel-0:5.14.0-503.11.1.el9_5	cpe:/a:redhat:enterprise_linux:9	RHSA-2024:9315	2024-11-12T00:00:00Z
kernel-0:5.14.0-503.11.1.el9_5	cpe:/o:redhat:enterprise_linux:9	RHSA-2024:9315	2024-11-12T00:00:00Z

Link	Providers
https://git.kernel.org/stable/c/25777f3f4e1f371d16a594925f31e37ce07b6ec7
https://git.kernel.org/stable/c/939a08bcd4334bad4b201e60bd0ae1f278d71d41
https://git.kernel.org/stable/c/9da27fb65a14c18efd4473e2e82b76b53ba60252
https://git.kernel.org/stable/c/ad2011ea787928b2accb5134f1e423b11fe80a8a
https://git.kernel.org/stable/c/cc219cb8afbc40ec100c0de941047bb29373126a
https://git.kernel.org/stable/c/e4519a016650e952ad9eb27937f8c447d5a4e06d
https://git.kernel.org/stable/c/ed79b93f725cd0da39a265dc23d77add1527b9be
https://lore.kernel.org/linux-cve-announce/2024053000-CVE-2024-36031-46f2@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-36031
https://www.cve.org/CVERecord?id=CVE-2024-36031

Type	Values Removed	Values Added
First Time appeared		Redhat Redhat enterprise Linux
CPEs		cpe:/a:redhat:enterprise_linux:9 cpe:/o:redhat:enterprise_linux:9
Vendors & Products		Redhat Redhat enterprise Linux

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:-:::::::* cpe:2.3:o:linux:linux_kernel:6.7:-::::::
Vendors & Products		Linux Linux linux Kernel
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Show plain JSON

{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-36031", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-17T13:50:33.160Z", "datePublished": "2024-05-30T15:23:46.831Z", "dateUpdated": "2024-12-19T09:00:58.047Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T09:00:58.047Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nkeys: Fix overwrite of key expiration on instantiation\n\nThe expiry time of a key is unconditionally overwritten during\ninstantiation, defaulting to turn it permanent. This causes a problem\nfor DNS resolution as the expiration set by user-space is overwritten to\nTIME64_MAX, disabling further DNS updates. Fix this by restoring the\ncondition that key_set_expiry is only called when the pre-parser sets a\nspecific expiry."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["security/keys/key.c"], "versions": [{"version": "97be1e865e70e5a0ad0a5b5f5dca5031ca0b53ac", "lessThan": "ad2011ea787928b2accb5134f1e423b11fe80a8a", "status": "affected", "versionType": "git"}, {"version": "2552b32b0b349df160a509fe49f5f308cb922f2b", "lessThan": "ed79b93f725cd0da39a265dc23d77add1527b9be", "status": "affected", "versionType": "git"}, {"version": "791d5409cdb974c31a1bc7a903ea729ddc7d83df", "lessThan": "e4519a016650e952ad9eb27937f8c447d5a4e06d", "status": "affected", "versionType": "git"}, {"version": "afc360e8a1256acb7579a6f5b6f2c30b85b39301", "lessThan": "25777f3f4e1f371d16a594925f31e37ce07b6ec7", "status": "affected", "versionType": "git"}, {"version": "39299bdd2546688d92ed9db4948f6219ca1b9542", "lessThan": "939a08bcd4334bad4b201e60bd0ae1f278d71d41", "status": "affected", "versionType": "git"}, {"version": "39299bdd2546688d92ed9db4948f6219ca1b9542", "lessThan": "cc219cb8afbc40ec100c0de941047bb29373126a", "status": "affected", "versionType": "git"}, {"version": "39299bdd2546688d92ed9db4948f6219ca1b9542", "lessThan": "9da27fb65a14c18efd4473e2e82b76b53ba60252", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["security/keys/key.c"], "versions": [{"version": "6.7", "status": "affected"}, {"version": "0", "lessThan": "6.7", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.217", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.159", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.91", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.31", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8.10", "lessThanOrEqual": "6.8.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9.1", "lessThanOrEqual": "6.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.10", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/ad2011ea787928b2accb5134f1e423b11fe80a8a"}, {"url": "https://git.kernel.org/stable/c/ed79b93f725cd0da39a265dc23d77add1527b9be"}, {"url": "https://git.kernel.org/stable/c/e4519a016650e952ad9eb27937f8c447d5a4e06d"}, {"url": "https://git.kernel.org/stable/c/25777f3f4e1f371d16a594925f31e37ce07b6ec7"}, {"url": "https://git.kernel.org/stable/c/939a08bcd4334bad4b201e60bd0ae1f278d71d41"}, {"url": "https://git.kernel.org/stable/c/cc219cb8afbc40ec100c0de941047bb29373126a"}, {"url": "https://git.kernel.org/stable/c/9da27fb65a14c18efd4473e2e82b76b53ba60252"}], "title": "keys: Fix overwrite of key expiration on instantiation", "x_generator": {"engine": "bippy-5f407fcff5a0"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-324", "lang": "en", "description": "CWE-324 Use of a Key Past its Expiration Date"}]}], "affected": [{"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "97be1e865e70", "status": "affected", "lessThan": "ad2011ea7879", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "2552b32b0b34", "status": "affected", "lessThan": "ed79b93f725c", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "791d5409cdb9", "status": "affected", "lessThan": "e4519a016650", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "afc360e8a125", "status": "affected", "lessThan": "25777f3f4e1f", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "39299bdd2546", "status": "affected", "lessThan": "939a08bcd433", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "39299bdd2546", "status": "affected", "lessThan": "cc219cb8afbc", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "39299bdd2546", "status": "affected", "lessThan": "9da27fb65a14", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "6.6.31", "status": "unaffected", "lessThanOrEqual": "6.6.*", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "unaffected", "lessThan": "6.7", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:6.7:-:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "6.7", "status": "affected"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "5.10.217", "status": "unaffected", "lessThan": "5.11", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "5.15.159", "status": "unaffected", "lessThan": "5.16", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "6.1.91", "status": "unaffected", "lessThan": "6.2", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "6.8.10", "status": "unaffected", "lessThan": "6.9", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "6.9.1", "status": "unaffected", "lessThan": "6.10", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-06-05T14:16:33.695503Z", "id": "CVE-2024-36031", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-06T19:29:28.918Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:30:12.891Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/ad2011ea787928b2accb5134f1e423b11fe80a8a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ed79b93f725cd0da39a265dc23d77add1527b9be", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e4519a016650e952ad9eb27937f8c447d5a4e06d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/25777f3f4e1f371d16a594925f31e37ce07b6ec7", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/939a08bcd4334bad4b201e60bd0ae1f278d71d41", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/cc219cb8afbc40ec100c0de941047bb29373126a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9da27fb65a14c18efd4473e2e82b76b53ba60252", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

cveMetadata : { »

cveId : CVE-2024-36031 (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

state : PUBLISHED (string)

assignerShortName : Linux (string)

dateReserved : 2024-05-17T13:50:33.160Z (string)

datePublished : 2024-05-30T15:23:46.831Z (string)

dateUpdated : 2024-12-19T09:00:58.047Z (string)

}

containers : { »

cna : { »

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2024-12-19T09:00:58.047Z (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: keys: Fix overwrite of key expiration on instantiation The expiry time of a key is unconditionally overwritten during instantiation, defaulting to turn it permanent. This causes a problem for DNS resolution as the expiration set by user-space is overwritten to TIME64_MAX, disabling further DNS updates. Fix this by restoring the condition that key_set_expiry is only called when the pre-parser sets a specific expiry. (string)

}

]

affected : [ »

0 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : unaffected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : security/keys/key.c (string)

]

versions : [ »

0 : { »

version : 97be1e865e70e5a0ad0a5b5f5dca5031ca0b53ac (string)

lessThan : ad2011ea787928b2accb5134f1e423b11fe80a8a (string)

status : affected (string)

versionType : git (string)

}

1 : { »

version : 2552b32b0b349df160a509fe49f5f308cb922f2b (string)

lessThan : ed79b93f725cd0da39a265dc23d77add1527b9be (string)

status : affected (string)

versionType : git (string)

}

2 : { »

version : 791d5409cdb974c31a1bc7a903ea729ddc7d83df (string)

lessThan : e4519a016650e952ad9eb27937f8c447d5a4e06d (string)

status : affected (string)

versionType : git (string)

}

3 : { »

version : afc360e8a1256acb7579a6f5b6f2c30b85b39301 (string)

lessThan : 25777f3f4e1f371d16a594925f31e37ce07b6ec7 (string)

status : affected (string)

versionType : git (string)

}

4 : { »

version : 39299bdd2546688d92ed9db4948f6219ca1b9542 (string)

lessThan : 939a08bcd4334bad4b201e60bd0ae1f278d71d41 (string)

status : affected (string)

versionType : git (string)

}

5 : { »

version : 39299bdd2546688d92ed9db4948f6219ca1b9542 (string)

lessThan : cc219cb8afbc40ec100c0de941047bb29373126a (string)

status : affected (string)

versionType : git (string)

}

6 : { »

version : 39299bdd2546688d92ed9db4948f6219ca1b9542 (string)

lessThan : 9da27fb65a14c18efd4473e2e82b76b53ba60252 (string)

status : affected (string)

versionType : git (string)

}

]

}

1 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : affected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : security/keys/key.c (string)

]

versions : [ »

0 : { »

version : 6.7 (string)

status : affected (string)

}

1 : { »

version : 0 (string)

lessThan : 6.7 (string)

status : unaffected (string)

versionType : semver (string)

}

2 : { »

version : 5.10.217 (string)

lessThanOrEqual : 5.10.* (string)

status : unaffected (string)

versionType : semver (string)

}

3 : { »

version : 5.15.159 (string)

lessThanOrEqual : 5.15.* (string)

status : unaffected (string)

versionType : semver (string)

}

4 : { »

version : 6.1.91 (string)

lessThanOrEqual : 6.1.* (string)

status : unaffected (string)

versionType : semver (string)

}

5 : { »

version : 6.6.31 (string)

lessThanOrEqual : 6.6.* (string)

status : unaffected (string)

versionType : semver (string)

}

6 : { »

version : 6.8.10 (string)

lessThanOrEqual : 6.8.* (string)

status : unaffected (string)

versionType : semver (string)

}

7 : { »

version : 6.9.1 (string)

lessThanOrEqual : 6.9.* (string)

status : unaffected (string)

versionType : semver (string)

}

8 : { »

version : 6.10 (string)

lessThanOrEqual : * (string)

status : unaffected (string)

versionType : original_commit_for_fix (string)

}

]

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/ad2011ea787928b2accb5134f1e423b11fe80a8a (string)

}

1 : { »

url : https://git.kernel.org/stable/c/ed79b93f725cd0da39a265dc23d77add1527b9be (string)

}

2 : { »

url : https://git.kernel.org/stable/c/e4519a016650e952ad9eb27937f8c447d5a4e06d (string)

}

3 : { »

url : https://git.kernel.org/stable/c/25777f3f4e1f371d16a594925f31e37ce07b6ec7 (string)

}

4 : { »

url : https://git.kernel.org/stable/c/939a08bcd4334bad4b201e60bd0ae1f278d71d41 (string)

}

5 : { »

url : https://git.kernel.org/stable/c/cc219cb8afbc40ec100c0de941047bb29373126a (string)

}

6 : { »

url : https://git.kernel.org/stable/c/9da27fb65a14c18efd4473e2e82b76b53ba60252 (string)

}

]

title : keys: Fix overwrite of key expiration on instantiation (string)

x_generator : { »

engine : bippy-5f407fcff5a0 (string)

}

adp : [ »

0 : { »

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

type : CWE (string)

cweId : CWE-324 (string)

lang : en (string)

description : CWE-324 Use of a Key Past its Expiration Date (string)

}

]

}

]

affected : [ »

0 : { »

vendor : linux (string)

product : linux_kernel (string)

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 97be1e865e70 (string)

status : affected (string)

lessThan : ad2011ea7879 (string)

versionType : custom (string)

}

]

}

1 : { »

vendor : linux (string)

product : linux_kernel (string)

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 2552b32b0b34 (string)

status : affected (string)

lessThan : ed79b93f725c (string)

versionType : custom (string)

}

]

}

2 : { »

vendor : linux (string)

product : linux_kernel (string)

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 791d5409cdb9 (string)

status : affected (string)

lessThan : e4519a016650 (string)

versionType : custom (string)

}

]

}

3 : { »

vendor : linux (string)

product : linux_kernel (string)

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : afc360e8a125 (string)

status : affected (string)

lessThan : 25777f3f4e1f (string)

versionType : custom (string)

}

]

}

4 : { »

vendor : linux (string)

product : linux_kernel (string)

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 39299bdd2546 (string)

status : affected (string)

lessThan : 939a08bcd433 (string)

versionType : custom (string)

}

]

}

5 : { »

vendor : linux (string)

product : linux_kernel (string)

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 39299bdd2546 (string)

status : affected (string)

lessThan : cc219cb8afbc (string)

versionType : custom (string)

}

]

}

6 : { »

vendor : linux (string)

product : linux_kernel (string)

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 39299bdd2546 (string)

status : affected (string)

lessThan : 9da27fb65a14 (string)

versionType : custom (string)

}

]

}

7 : { »

vendor : linux (string)

product : linux_kernel (string)

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 6.6.31 (string)

status : unaffected (string)

lessThanOrEqual : 6.6.* (string)

versionType : custom (string)

}

]

}

8 : { »

vendor : linux (string)

product : linux_kernel (string)

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : unaffected (string)

lessThan : 6.7 (string)

versionType : custom (string)

}

]

}

9 : { »

vendor : linux (string)

product : linux_kernel (string)

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:6.7:-:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 6.7 (string)

status : affected (string)

}

]

}

10 : { »

vendor : linux (string)

product : linux_kernel (string)

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 5.10.217 (string)

status : unaffected (string)

lessThan : 5.11 (string)

versionType : custom (string)

}

]

}

11 : { »

vendor : linux (string)

product : linux_kernel (string)

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 5.15.159 (string)

status : unaffected (string)

lessThan : 5.16 (string)

versionType : custom (string)

}

]

}

12 : { »

vendor : linux (string)

product : linux_kernel (string)

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 6.1.91 (string)

status : unaffected (string)

lessThan : 6.2 (string)

versionType : custom (string)

}

]

}

13 : { »

vendor : linux (string)

product : linux_kernel (string)

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 6.8.10 (string)

status : unaffected (string)

lessThan : 6.9 (string)

versionType : custom (string)

}

]

}

14 : { »

vendor : linux (string)

product : linux_kernel (string)

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 6.9.1 (string)

status : unaffected (string)

lessThan : 6.10 (string)

versionType : custom (string)

}

]

}

]

metrics : [ »

0 : { »

cvssV3_1 : { »

scope : UNCHANGED (string)

version : 3.1 (string)

baseScore : 9.8 (number)

attackVector : NETWORK (string)

baseSeverity : CRITICAL (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (string)

integrityImpact : HIGH (string)

userInteraction : NONE (string)

attackComplexity : LOW (string)

availabilityImpact : HIGH (string)

privilegesRequired : NONE (string)

confidentialityImpact : HIGH (string)

}

1 : { »

other : { »

type : ssvc (string)

content : { »

timestamp : 2024-06-05T14:16:33.695503Z (string)

id : CVE-2024-36031 (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : yes (string)

}

2 : { »

Technical Impact : total (string)

}

]

role : CISA Coordinator (string)

version : 2.0.3 (string)

}

]

title : CISA ADP Vulnrichment (string)

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-06-06T19:29:28.918Z (string)

}

1 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T03:30:12.891Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/ad2011ea787928b2accb5134f1e423b11fe80a8a (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/ed79b93f725cd0da39a265dc23d77add1527b9be (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/e4519a016650e952ad9eb27937f8c447d5a4e06d (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/25777f3f4e1f371d16a594925f31e37ce07b6ec7 (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/939a08bcd4334bad4b201e60bd0ae1f278d71d41 (string)

tags : [ »

0 : x_transferred (string)

]

}

5 : { »

url : https://git.kernel.org/stable/c/cc219cb8afbc40ec100c0de941047bb29373126a (string)

tags : [ »

0 : x_transferred (string)

]

}

6 : { »

url : https://git.kernel.org/stable/c/9da27fb65a14c18efd4473e2e82b76b53ba60252 (string)

tags : [ »

0 : x_transferred (string)

]

}

]

}

]

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/ad2011ea787928b2accb5134f1e423b11fe80a8a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ed79b93f725cd0da39a265dc23d77add1527b9be", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e4519a016650e952ad9eb27937f8c447d5a4e06d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/25777f3f4e1f371d16a594925f31e37ce07b6ec7", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/939a08bcd4334bad4b201e60bd0ae1f278d71d41", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/cc219cb8afbc40ec100c0de941047bb29373126a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9da27fb65a14c18efd4473e2e82b76b53ba60252", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:30:12.891Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-36031", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-06-05T14:16:33.695503Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "affected", "version": "97be1e865e70", "lessThan": "ad2011ea7879", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "affected", "version": "2552b32b0b34", "lessThan": "ed79b93f725c", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "affected", "version": "791d5409cdb9", "lessThan": "e4519a016650", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "affected", "version": "afc360e8a125", "lessThan": "25777f3f4e1f", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "affected", "version": "39299bdd2546", "lessThan": "939a08bcd433", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "affected", "version": "39299bdd2546", "lessThan": "cc219cb8afbc", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "affected", "version": "39299bdd2546", "lessThan": "9da27fb65a14", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "unaffected", "version": "6.6.31", "versionType": "custom", "lessThanOrEqual": "6.6.*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "unaffected", "version": "0", "lessThan": "6.7", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:6.7:-:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "affected", "version": "6.7"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "unaffected", "version": "5.10.217", "lessThan": "5.11", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "unaffected", "version": "5.15.159", "lessThan": "5.16", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "unaffected", "version": "6.1.91", "lessThan": "6.2", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "unaffected", "version": "6.8.10", "lessThan": "6.9", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "unaffected", "version": "6.9.1", "lessThan": "6.10", "versionType": "custom"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-324", "description": "CWE-324 Use of a Key Past its Expiration Date"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-05T13:56:20.728Z"}}], "cna": {"title": "keys: Fix overwrite of key expiration on instantiation", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "97be1e865e70e5a0ad0a5b5f5dca5031ca0b53ac", "lessThan": "ad2011ea787928b2accb5134f1e423b11fe80a8a", "versionType": "git"}, {"status": "affected", "version": "2552b32b0b349df160a509fe49f5f308cb922f2b", "lessThan": "ed79b93f725cd0da39a265dc23d77add1527b9be", "versionType": "git"}, {"status": "affected", "version": "791d5409cdb974c31a1bc7a903ea729ddc7d83df", "lessThan": "e4519a016650e952ad9eb27937f8c447d5a4e06d", "versionType": "git"}, {"status": "affected", "version": "afc360e8a1256acb7579a6f5b6f2c30b85b39301", "lessThan": "25777f3f4e1f371d16a594925f31e37ce07b6ec7", "versionType": "git"}, {"status": "affected", "version": "39299bdd2546688d92ed9db4948f6219ca1b9542", "lessThan": "939a08bcd4334bad4b201e60bd0ae1f278d71d41", "versionType": "git"}, {"status": "affected", "version": "39299bdd2546688d92ed9db4948f6219ca1b9542", "lessThan": "cc219cb8afbc40ec100c0de941047bb29373126a", "versionType": "git"}, {"status": "affected", "version": "39299bdd2546688d92ed9db4948f6219ca1b9542", "lessThan": "9da27fb65a14c18efd4473e2e82b76b53ba60252", "versionType": "git"}], "programFiles": ["security/keys/key.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "6.7"}, {"status": "unaffected", "version": "0", "lessThan": "6.7", "versionType": "semver"}, {"status": "unaffected", "version": "5.10.217", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.159", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.91", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.31", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.8.10", "versionType": "semver", "lessThanOrEqual": "6.8.*"}, {"status": "unaffected", "version": "6.9.1", "versionType": "semver", "lessThanOrEqual": "6.9.*"}, {"status": "unaffected", "version": "6.10", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["security/keys/key.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/ad2011ea787928b2accb5134f1e423b11fe80a8a"}, {"url": "https://git.kernel.org/stable/c/ed79b93f725cd0da39a265dc23d77add1527b9be"}, {"url": "https://git.kernel.org/stable/c/e4519a016650e952ad9eb27937f8c447d5a4e06d"}, {"url": "https://git.kernel.org/stable/c/25777f3f4e1f371d16a594925f31e37ce07b6ec7"}, {"url": "https://git.kernel.org/stable/c/939a08bcd4334bad4b201e60bd0ae1f278d71d41"}, {"url": "https://git.kernel.org/stable/c/cc219cb8afbc40ec100c0de941047bb29373126a"}, {"url": "https://git.kernel.org/stable/c/9da27fb65a14c18efd4473e2e82b76b53ba60252"}], "x_generator": {"engine": "bippy-5f407fcff5a0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nkeys: Fix overwrite of key expiration on instantiation\n\nThe expiry time of a key is unconditionally overwritten during\ninstantiation, defaulting to turn it permanent. This causes a problem\nfor DNS resolution as the expiration set by user-space is overwritten to\nTIME64_MAX, disabling further DNS updates. Fix this by restoring the\ncondition that key_set_expiry is only called when the pre-parser sets a\nspecific expiry."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T09:00:58.047Z"}}}, "cveMetadata": {"cveId": "CVE-2024-36031", "state": "PUBLISHED", "dateUpdated": "2024-12-19T09:00:58.047Z", "dateReserved": "2024-05-17T13:50:33.160Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-30T15:23:46.831Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

containers : { »

adp : [ »

0 : { »

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/ad2011ea787928b2accb5134f1e423b11fe80a8a (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/ed79b93f725cd0da39a265dc23d77add1527b9be (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/e4519a016650e952ad9eb27937f8c447d5a4e06d (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/25777f3f4e1f371d16a594925f31e37ce07b6ec7 (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/939a08bcd4334bad4b201e60bd0ae1f278d71d41 (string)

tags : [ »

0 : x_transferred (string)

]

}

5 : { »

url : https://git.kernel.org/stable/c/cc219cb8afbc40ec100c0de941047bb29373126a (string)

tags : [ »

0 : x_transferred (string)

]

}

6 : { »

url : https://git.kernel.org/stable/c/9da27fb65a14c18efd4473e2e82b76b53ba60252 (string)

tags : [ »

0 : x_transferred (string)

]

}

]

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T03:30:12.891Z (string)

}

1 : { »

title : CISA ADP Vulnrichment (string)

metrics : [ »

0 : { »

cvssV3_1 : { »

scope : UNCHANGED (string)

version : 3.1 (string)

baseScore : 9.8 (number)

attackVector : NETWORK (string)

baseSeverity : CRITICAL (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (string)

integrityImpact : HIGH (string)

userInteraction : NONE (string)

attackComplexity : LOW (string)

availabilityImpact : HIGH (string)

privilegesRequired : NONE (string)

confidentialityImpact : HIGH (string)

}

1 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2024-36031 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : yes (string)

}

2 : { »

Technical Impact : total (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-06-05T14:16:33.695503Z (string)

}

]

affected : [ »

0 : { »

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : linux_kernel (string)

versions : [ »

0 : { »

status : affected (string)

version : 97be1e865e70 (string)

lessThan : ad2011ea7879 (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

1 : { »

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : linux_kernel (string)

versions : [ »

0 : { »

status : affected (string)

version : 2552b32b0b34 (string)

lessThan : ed79b93f725c (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

2 : { »

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : linux_kernel (string)

versions : [ »

0 : { »

status : affected (string)

version : 791d5409cdb9 (string)

lessThan : e4519a016650 (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

3 : { »

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : linux_kernel (string)

versions : [ »

0 : { »

status : affected (string)

version : afc360e8a125 (string)

lessThan : 25777f3f4e1f (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

4 : { »

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : linux_kernel (string)

versions : [ »

0 : { »

status : affected (string)

version : 39299bdd2546 (string)

lessThan : 939a08bcd433 (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

5 : { »

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : linux_kernel (string)

versions : [ »

0 : { »

status : affected (string)

version : 39299bdd2546 (string)

lessThan : cc219cb8afbc (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

6 : { »

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : linux_kernel (string)

versions : [ »

0 : { »

status : affected (string)

version : 39299bdd2546 (string)

lessThan : 9da27fb65a14 (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

7 : { »

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : linux_kernel (string)

versions : [ »

0 : { »

status : unaffected (string)

version : 6.6.31 (string)

versionType : custom (string)

lessThanOrEqual : 6.6.* (string)

}

]

defaultStatus : unknown (string)

}

8 : { »

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : linux_kernel (string)

versions : [ »

0 : { »

status : unaffected (string)

version : 0 (string)

lessThan : 6.7 (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

9 : { »

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:6.7:-:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : linux_kernel (string)

versions : [ »

0 : { »

status : affected (string)

version : 6.7 (string)

}

]

defaultStatus : unknown (string)

}

10 : { »

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : linux_kernel (string)

versions : [ »

0 : { »

status : unaffected (string)

version : 5.10.217 (string)

lessThan : 5.11 (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

11 : { »

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : linux_kernel (string)

versions : [ »

0 : { »

status : unaffected (string)

version : 5.15.159 (string)

lessThan : 5.16 (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

12 : { »

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : linux_kernel (string)

versions : [ »

0 : { »

status : unaffected (string)

version : 6.1.91 (string)

lessThan : 6.2 (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

13 : { »

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : linux_kernel (string)

versions : [ »

0 : { »

status : unaffected (string)

version : 6.8.10 (string)

lessThan : 6.9 (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

14 : { »

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : linux_kernel (string)

versions : [ »

0 : { »

status : unaffected (string)

version : 6.9.1 (string)

lessThan : 6.10 (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

lang : en (string)

type : CWE (string)

cweId : CWE-324 (string)

description : CWE-324 Use of a Key Past its Expiration Date (string)

}

]

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-06-05T13:56:20.728Z (string)

}

]

cna : { »

title : keys: Fix overwrite of key expiration on instantiation (string)

affected : [ »

0 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : 97be1e865e70e5a0ad0a5b5f5dca5031ca0b53ac (string)

lessThan : ad2011ea787928b2accb5134f1e423b11fe80a8a (string)

versionType : git (string)

}

1 : { »

status : affected (string)

version : 2552b32b0b349df160a509fe49f5f308cb922f2b (string)

lessThan : ed79b93f725cd0da39a265dc23d77add1527b9be (string)

versionType : git (string)

}

2 : { »

status : affected (string)

version : 791d5409cdb974c31a1bc7a903ea729ddc7d83df (string)

lessThan : e4519a016650e952ad9eb27937f8c447d5a4e06d (string)

versionType : git (string)

}

3 : { »

status : affected (string)

version : afc360e8a1256acb7579a6f5b6f2c30b85b39301 (string)

lessThan : 25777f3f4e1f371d16a594925f31e37ce07b6ec7 (string)

versionType : git (string)

}

4 : { »

status : affected (string)

version : 39299bdd2546688d92ed9db4948f6219ca1b9542 (string)

lessThan : 939a08bcd4334bad4b201e60bd0ae1f278d71d41 (string)

versionType : git (string)

}

5 : { »

status : affected (string)

version : 39299bdd2546688d92ed9db4948f6219ca1b9542 (string)

lessThan : cc219cb8afbc40ec100c0de941047bb29373126a (string)

versionType : git (string)

}

6 : { »

status : affected (string)

version : 39299bdd2546688d92ed9db4948f6219ca1b9542 (string)

lessThan : 9da27fb65a14c18efd4473e2e82b76b53ba60252 (string)

versionType : git (string)

}

]

programFiles : [ »

0 : security/keys/key.c (string)

]

defaultStatus : unaffected (string)

}

1 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : 6.7 (string)

}

1 : { »

status : unaffected (string)

version : 0 (string)

lessThan : 6.7 (string)

versionType : semver (string)

}

2 : { »

status : unaffected (string)

version : 5.10.217 (string)

versionType : semver (string)

lessThanOrEqual : 5.10.* (string)

}

3 : { »

status : unaffected (string)

version : 5.15.159 (string)

versionType : semver (string)

lessThanOrEqual : 5.15.* (string)

}

4 : { »

status : unaffected (string)

version : 6.1.91 (string)

versionType : semver (string)

lessThanOrEqual : 6.1.* (string)

}

5 : { »

status : unaffected (string)

version : 6.6.31 (string)

versionType : semver (string)

lessThanOrEqual : 6.6.* (string)

}

6 : { »

status : unaffected (string)

version : 6.8.10 (string)

versionType : semver (string)

lessThanOrEqual : 6.8.* (string)

}

7 : { »

status : unaffected (string)

version : 6.9.1 (string)

versionType : semver (string)

lessThanOrEqual : 6.9.* (string)

}

8 : { »

status : unaffected (string)

version : 6.10 (string)

versionType : original_commit_for_fix (string)

lessThanOrEqual : * (string)

}

]

programFiles : [ »

0 : security/keys/key.c (string)

]

defaultStatus : affected (string)

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/ad2011ea787928b2accb5134f1e423b11fe80a8a (string)

}

1 : { »

url : https://git.kernel.org/stable/c/ed79b93f725cd0da39a265dc23d77add1527b9be (string)

}

2 : { »

url : https://git.kernel.org/stable/c/e4519a016650e952ad9eb27937f8c447d5a4e06d (string)

}

3 : { »

url : https://git.kernel.org/stable/c/25777f3f4e1f371d16a594925f31e37ce07b6ec7 (string)

}

4 : { »

url : https://git.kernel.org/stable/c/939a08bcd4334bad4b201e60bd0ae1f278d71d41 (string)

}

5 : { »

url : https://git.kernel.org/stable/c/cc219cb8afbc40ec100c0de941047bb29373126a (string)

}

6 : { »

url : https://git.kernel.org/stable/c/9da27fb65a14c18efd4473e2e82b76b53ba60252 (string)

}

]

x_generator : { »

engine : bippy-5f407fcff5a0 (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: keys: Fix overwrite of key expiration on instantiation The expiry time of a key is unconditionally overwritten during instantiation, defaulting to turn it permanent. This causes a problem for DNS resolution as the expiration set by user-space is overwritten to TIME64_MAX, disabling further DNS updates. Fix this by restoring the condition that key_set_expiry is only called when the pre-parser sets a specific expiry. (string)

}

]

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2024-12-19T09:00:58.047Z (string)

}

cveMetadata : { »

cveId : CVE-2024-36031 (string)

state : PUBLISHED (string)

dateUpdated : 2024-12-19T09:00:58.047Z (string)

dateReserved : 2024-05-17T13:50:33.160Z (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

datePublished : 2024-05-30T15:23:46.831Z (string)

assignerShortName : Linux (string)

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "FF5C5069-E387-40FC-A87C-E5D7570C21FC", "versionEndExcluding": "5.10.217", "versionStartIncluding": "5.10.206", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "FC57EFF5-0CE2-4A6A-8C3E-54B35AAB5541", "versionEndExcluding": "5.15.159", "versionStartIncluding": "5.15.146", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "1D76C6A8-7391-4D06-A4C3-B93BB8E501D7", "versionEndExcluding": "6.1.91", "versionStartIncluding": "6.1.70", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "3C079049-81E3-4F0F-B388-A7136C664B41", "versionEndExcluding": "6.6.31", "versionStartIncluding": "6.6.9", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "6A6B920C-8D8F-4130-86B4-AD334F4CF2E3", "versionEndExcluding": "6.8.10", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "EBDDC268-E99D-4BEC-AB56-3F461D64472C", "versionEndExcluding": "6.9.1", "versionStartIncluding": "6.9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nkeys: Fix overwrite of key expiration on instantiation\n\nThe expiry time of a key is unconditionally overwritten during\ninstantiation, defaulting to turn it permanent. This causes a problem\nfor DNS resolution as the expiration set by user-space is overwritten to\nTIME64_MAX, disabling further DNS updates. Fix this by restoring the\ncondition that key_set_expiry is only called when the pre-parser sets a\nspecific expiry."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: claves: se corrige la sobrescritura de la caducidad de la clave al crear instancias. El tiempo de caducidad de una clave se sobrescribe incondicionalmente durante la creaci\u00f3n de instancias, y de forma predeterminada se vuelve permanente. Esto causa un problema para la resoluci\u00f3n de DNS ya que la caducidad establecida por el espacio de usuario se sobrescribe en TIME64_MAX, lo que deshabilita m\u00e1s actualizaciones de DNS. Solucione este problema restaurando la condici\u00f3n de que key_set_expiry solo se llama cuando el analizador previo establece una caducidad espec\u00edfica."}], "id": "CVE-2024-36031", "lastModified": "2025-04-01T18:34:30.470", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-05-30T16:15:11.410", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/25777f3f4e1f371d16a594925f31e37ce07b6ec7"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/939a08bcd4334bad4b201e60bd0ae1f278d71d41"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9da27fb65a14c18efd4473e2e82b76b53ba60252"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ad2011ea787928b2accb5134f1e423b11fe80a8a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/cc219cb8afbc40ec100c0de941047bb29373126a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e4519a016650e952ad9eb27937f8c447d5a4e06d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ed79b93f725cd0da39a265dc23d77add1527b9be"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/25777f3f4e1f371d16a594925f31e37ce07b6ec7"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/939a08bcd4334bad4b201e60bd0ae1f278d71d41"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9da27fb65a14c18efd4473e2e82b76b53ba60252"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ad2011ea787928b2accb5134f1e423b11fe80a8a"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/cc219cb8afbc40ec100c0de941047bb29373126a"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e4519a016650e952ad9eb27937f8c447d5a4e06d"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ed79b93f725cd0da39a265dc23d77add1527b9be"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-324"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : FF5C5069-E387-40FC-A87C-E5D7570C21FC (string)

versionEndExcluding : 5.10.217 (string)

versionStartIncluding : 5.10.206 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : FC57EFF5-0CE2-4A6A-8C3E-54B35AAB5541 (string)

versionEndExcluding : 5.15.159 (string)

versionStartIncluding : 5.15.146 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 1D76C6A8-7391-4D06-A4C3-B93BB8E501D7 (string)

versionEndExcluding : 6.1.91 (string)

versionStartIncluding : 6.1.70 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 3C079049-81E3-4F0F-B388-A7136C664B41 (string)

versionEndExcluding : 6.6.31 (string)

versionStartIncluding : 6.6.9 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 6A6B920C-8D8F-4130-86B4-AD334F4CF2E3 (string)

versionEndExcluding : 6.8.10 (string)

versionStartIncluding : 6.7 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : EBDDC268-E99D-4BEC-AB56-3F461D64472C (string)

versionEndExcluding : 6.9.1 (string)

versionStartIncluding : 6.9 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: keys: Fix overwrite of key expiration on instantiation The expiry time of a key is unconditionally overwritten during instantiation, defaulting to turn it permanent. This causes a problem for DNS resolution as the expiration set by user-space is overwritten to TIME64_MAX, disabling further DNS updates. Fix this by restoring the condition that key_set_expiry is only called when the pre-parser sets a specific expiry. (string)

}

1 : { »

lang : es (string)

value : En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: claves: se corrige la sobrescritura de la caducidad de la clave al crear instancias. El tiempo de caducidad de una clave se sobrescribe incondicionalmente durante la creación de instancias, y de forma predeterminada se vuelve permanente. Esto causa un problema para la resolución de DNS ya que la caducidad establecida por el espacio de usuario se sobrescribe en TIME64_MAX, lo que deshabilita más actualizaciones de DNS. Solucione este problema restaurando la condición de que key_set_expiry solo se llama cuando el analizador previo establece una caducidad específica. (string)

}

]

id : CVE-2024-36031 (string)

lastModified : 2025-04-01T18:34:30.470 (string)

metrics : { »

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 9.8 (number)

baseSeverity : CRITICAL (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 5.9 (number)

source : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

type : Secondary (string)

}

]

}

published : 2024-05-30T16:15:11.410 (string)

references : [ »

0 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/25777f3f4e1f371d16a594925f31e37ce07b6ec7 (string)

}

1 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/939a08bcd4334bad4b201e60bd0ae1f278d71d41 (string)

}

2 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/9da27fb65a14c18efd4473e2e82b76b53ba60252 (string)

}

3 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/ad2011ea787928b2accb5134f1e423b11fe80a8a (string)

}

4 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/cc219cb8afbc40ec100c0de941047bb29373126a (string)

}

5 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/e4519a016650e952ad9eb27937f8c447d5a4e06d (string)

}

6 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/ed79b93f725cd0da39a265dc23d77add1527b9be (string)

}

7 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/25777f3f4e1f371d16a594925f31e37ce07b6ec7 (string)

}

8 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/939a08bcd4334bad4b201e60bd0ae1f278d71d41 (string)

}

9 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/9da27fb65a14c18efd4473e2e82b76b53ba60252 (string)

}

10 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/ad2011ea787928b2accb5134f1e423b11fe80a8a (string)

}

11 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/cc219cb8afbc40ec100c0de941047bb29373126a (string)

}

12 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/e4519a016650e952ad9eb27937f8c447d5a4e06d (string)

}

13 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/ed79b93f725cd0da39a265dc23d77add1527b9be (string)

}

]

sourceIdentifier : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

vulnStatus : Analyzed (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-324 (string)

}

]

source : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

type : Secondary (string)

}

]

}

Show plain JSON

{"affected_release": [{"advisory": "RHSA-2024:9315", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}, {"advisory": "RHSA-2024:9315", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}], "bugzilla": {"description": "kernel: keys: Fix overwrite of key expiration on instantiation", "id": "2284410", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284410"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", "status": "verified"}, "cwe": "CWE-665", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nkeys: Fix overwrite of key expiration on instantiation\nThe expiry time of a key is unconditionally overwritten during\ninstantiation, defaulting to turn it permanent. This causes a problem\nfor DNS resolution as the expiration set by user-space is overwritten to\nTIME64_MAX, disabling further DNS updates. Fix this by restoring the\ncondition that key_set_expiry is only called when the pre-parser sets a\nspecific expiry."], "name": "CVE-2024-36031", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-30T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-36031\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-36031\nhttps://lore.kernel.org/linux-cve-announce/2024053000-CVE-2024-36031-46f2@gregkh/T"], "threat_severity": "Low"}

{

affected_release : [ »

0 : { »

advisory : RHSA-2024:9315 (string)

cpe : cpe:/a:redhat:enterprise_linux:9 (string)

package : kernel-0:5.14.0-503.11.1.el9_5 (string)

product_name : Red Hat Enterprise Linux 9 (string)

release_date : 2024-11-12T00:00:00Z (string)

}

1 : { »

advisory : RHSA-2024:9315 (string)

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

package : kernel-0:5.14.0-503.11.1.el9_5 (string)

product_name : Red Hat Enterprise Linux 9 (string)

release_date : 2024-11-12T00:00:00Z (string)

}

]

bugzilla : { »

description : kernel: keys: Fix overwrite of key expiration on instantiation (string)

id : 2284410 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=2284410 (string)

}

csaw : false (boolean)

cvss3 : { »

cvss3_base_score : 4.4 (string)

cvss3_scoring_vector : CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N (string)

status : verified (string)

}

cwe : CWE-665 (string)

details : [ »

0 : In the Linux kernel, the following vulnerability has been resolved: keys: Fix overwrite of key expiration on instantiation The expiry time of a key is unconditionally overwritten during instantiation, defaulting to turn it permanent. This causes a problem for DNS resolution as the expiration set by user-space is overwritten to TIME64_MAX, disabling further DNS updates. Fix this by restoring the condition that key_set_expiry is only called when the pre-parser sets a specific expiry. (string)

]

name : CVE-2024-36031 (string)

package_state : [ »

0 : { »

cpe : cpe:/o:redhat:enterprise_linux:6 (string)

fix_state : Out of support scope (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 6 (string)

}

1 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Out of support scope (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

2 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Out of support scope (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

3 : { »

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

fix_state : Not affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 8 (string)

}

4 : { »

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

fix_state : Not affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 8 (string)

}

5 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

]

public_date : 2024-05-30T00:00:00Z (string)

references : [ »

0 : https://www.cve.org/CVERecord?id=CVE-2024-36031 https://nvd.nist.gov/vuln/detail/CVE-2024-36031 https://lore.kernel.org/linux-cve-announce/2024053000-CVE-2024-36031-46f2@gregkh/T (string)

]

threat_severity : Low (string)

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable yes

Technical Impact total

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable yes

Technical Impact total

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object