CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
10.3%
In the Linux kernel, the following vulnerability has been resolved:
keys: Fix overwrite of key expiration on instantiation
The expiry time of a key is unconditionally overwritten during
instantiation, defaulting to turn it permanent. This causes a problem
for DNS resolution as the expiration set by user-space is overwritten to
TIME64_MAX, disabling further DNS updates. Fix this by restoring the
condition that key_set_expiry is only called when the pre-parser sets a
specific expiry.
Vendor | Product | Version | CPE |
---|---|---|---|
linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
[
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"security/keys/key.c"
],
"versions": [
{
"version": "97be1e865e70",
"lessThan": "ad2011ea7879",
"status": "affected",
"versionType": "git"
},
{
"version": "2552b32b0b34",
"lessThan": "ed79b93f725c",
"status": "affected",
"versionType": "git"
},
{
"version": "791d5409cdb9",
"lessThan": "e4519a016650",
"status": "affected",
"versionType": "git"
},
{
"version": "afc360e8a125",
"lessThan": "25777f3f4e1f",
"status": "affected",
"versionType": "git"
},
{
"version": "39299bdd2546",
"lessThan": "939a08bcd433",
"status": "affected",
"versionType": "git"
},
{
"version": "39299bdd2546",
"lessThan": "cc219cb8afbc",
"status": "affected",
"versionType": "git"
},
{
"version": "39299bdd2546",
"lessThan": "9da27fb65a14",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"security/keys/key.c"
],
"versions": [
{
"version": "6.7",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.7",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.217",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.159",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.91",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.31",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.10",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.1",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
]
git.kernel.org/stable/c/25777f3f4e1f371d16a594925f31e37ce07b6ec7
git.kernel.org/stable/c/939a08bcd4334bad4b201e60bd0ae1f278d71d41
git.kernel.org/stable/c/9da27fb65a14c18efd4473e2e82b76b53ba60252
git.kernel.org/stable/c/ad2011ea787928b2accb5134f1e423b11fe80a8a
git.kernel.org/stable/c/cc219cb8afbc40ec100c0de941047bb29373126a
git.kernel.org/stable/c/e4519a016650e952ad9eb27937f8c447d5a4e06d
git.kernel.org/stable/c/ed79b93f725cd0da39a265dc23d77add1527b9be