Huawei EulerOS: CVE-2024-36031: kernel security update

Huawei EulerOS: CVE-2024-36031: kernel security update

Severity

4

CVSS

(AV:L/AC:M/Au:N/C:P/I:P/A:P)

Published

05/30/2024

Created

10/09/2024

Added

10/08/2024

Modified

10/08/2024

Description

In the Linux kernel, the following vulnerability has been resolved: keys: Fix overwrite of key expiration on instantiation The expiry time of a key is unconditionally overwritten during instantiation, defaulting to turn it permanent. This causes a problem for DNS resolution as the expiration set by user-space is overwritten to TIME64_MAX, disabling further DNS updates. Fix this by restoring the condition that key_set_expiry is only called when the pre-parser sets a specific expiry.

Solution(s)

• huawei-euleros-2_0_sp11-upgrade-bpftool
• huawei-euleros-2_0_sp11-upgrade-kernel
• huawei-euleros-2_0_sp11-upgrade-kernel-abi-stablelists
• huawei-euleros-2_0_sp11-upgrade-kernel-tools
• huawei-euleros-2_0_sp11-upgrade-kernel-tools-libs
• huawei-euleros-2_0_sp11-upgrade-python3-perf

References

• https://attackerkb.com/topics/cve-2024-36031
• CVE - 2024-36031
• EulerOS-SA-2024-2207