| Assigner | Linux |
| Reserved | 2024-05-17 |
| Published | 2024-05-30 |
| Updated | 2024-07-15 |
Description
In the Linux kernel, the following vulnerability has been resolved: keys: Fix overwrite of key expiration on instantiation The expiry time of a key is unconditionally overwritten during instantiation, defaulting to turn it permanent. This causes a problem for DNS resolution as the expiration set by user-space is overwritten to TIME64_MAX, disabling further DNS updates. Fix this by restoring the condition that key_set_expiry is only called when the pre-parser sets a specific expiry.
Product status
97be1e865e70 before ad2011ea7879
2552b32b0b34 before ed79b93f725c
791d5409cdb9 before e4519a016650
afc360e8a125 before 25777f3f4e1f
39299bdd2546 before 939a08bcd433
39299bdd2546 before cc219cb8afbc
39299bdd2546 before 9da27fb65a14
6.7
Any version before 6.7
5.10.217
5.15.159
6.1.91
6.6.31
6.8.10
6.9.1
6.10
References
https://git.kernel.org/stable/c/ad2011ea787928b2accb5134f1e423b11fe80a8a
https://git.kernel.org/stable/c/ed79b93f725cd0da39a265dc23d77add1527b9be
https://git.kernel.org/stable/c/e4519a016650e952ad9eb27937f8c447d5a4e06d
https://git.kernel.org/stable/c/25777f3f4e1f371d16a594925f31e37ce07b6ec7
https://git.kernel.org/stable/c/939a08bcd4334bad4b201e60bd0ae1f278d71d41
https://git.kernel.org/stable/c/cc219cb8afbc40ec100c0de941047bb29373126a
https://git.kernel.org/stable/c/9da27fb65a14c18efd4473e2e82b76b53ba60252
