In the Linux kernel, the following vulnerability has been resolved: keys: Fix overwrite of key expiration on instantiation The expiry time of a key is unconditionally overwritten during instantiation, defaulting to turn it permanent. This causes a problem for DNS resolution as the expiration set by user-space is overwritten to TIME64_MAX, disabling further DNS updates. Fix this by restoring the condition that key_set_expiry is only called when the pre-parser sets a specific expiry.
During the key instantiation process in the Linux kernel, the key_set_expiry function was called unconditionally, resulting in the expiration time being set to TIME64_MAX — essentially infinity. The correct behavior should be to call this function only when the pre-parser explicitly indicates a specific expiration time. As a result, the expiration time set by user-space was being overwritten with a default value, making the key permanent contrary to system intentions.
An attacker or unauthorized party can exploit the fact that keys never expire to maintain outdated or malicious data (e.g., DNS records) indefinitely, bypassing key refresh and invalidation mechanisms. This can lead to violations of system confidentiality, integrity, and availability (CVSS score 9.8).
Apply patches available from the manufacturer according to the references — fixes have been published in the stable Linux kernel repositories at the addresses indicated in the CVE references section.
Linux kernel — versions indicated in the manufacturer's references (patches available at the addresses in the references section).
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HLinux Kernel
OSLinux5.10.206 – 5.10.217 (bez)5.15.146 – 5.15.159 (bez)6.1.70 – 6.1.91 (bez)6.6.9 – 6.6.31 (bez)6.7 – 6.8.10 (bez)6.9 – 6.9.1 (bez)
Related vulnerabilities
Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty
Commvault Command Center – nieuwierzytelniony RCE przez path traversal w ZIP
IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker to execute arbitrary code on t...
VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-s...
VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a...