PT-2024-28104 · Linux+5 · Linux Kernel+5

Roded Zats

·

Published

2024-05-22

·

Updated

2025-10-03

·

CVE-2024-38659

CVSS v3.1

7.1

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to the validation of length of nl attributes in the enic set vf port function. The function assumes that the nl attribute IFLA PORT PROFILE is of length PORT PROFILE MAX and that the nl attributes IFLA PORT INSTANCE UUID and IFLA PORT HOST UUID are of length PORT UUID MAX. However, these attributes are validated using the nla policy ifla port policy, which defines the maximum size of the attributes, not the exact size. This might cause an out of bounds read access in the memcpys of the data of these attributes in enic set vf port. The do setlink function in rtnetlink.c uses the nla policy to validate the attributes.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-1284

Related Identifiers

BDU:2025-04181
CVE-2024-38659
DLA-3840-1
DSA-5730-1
MGASA-2024-0263
MGASA-2024-0266
OESA-2024-1835
OESA-2024-2216
OESA-2024-2218
OESA-2024-2258
OPENSUSE-SU-2024_2372-1
OPENSUSE-SU-2024_2394-1
SUSE-SU-2024:2360-1
SUSE-SU-2024:2372-1
SUSE-SU-2024:2381-1
SUSE-SU-2024:2394-1
SUSE-SU-2024:2561-1
SUSE-SU-2024:2802-1
SUSE-SU-2024:2896-1
SUSE-SU-2024:2939-1
SUSE-SU-2024:2973-1
SUSE-SU-2025:20008-1
SUSE-SU-2025:20028-1
USN-6951-1
USN-6951-2
USN-6951-3
USN-6951-4
USN-6953-1
USN-6979-1
USN-6999-1
USN-6999-2
USN-7004-1
USN-7005-1
USN-7005-2
USN-7007-1
USN-7007-2
USN-7007-3
USN-7008-1
USN-7009-1
USN-7009-2
USN-7019-1
USN-7029-1

Affected Products

Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu