CVE-2024-38659

CVE Details

Release Date:

2024-06-21

Description

In the Linux kernel, the following vulnerability has been resolved:\nenic: Validate length of nl attributes in enic_set_vf_port\nenic_set_vf_port assumes that the nl attribute IFLA_PORT_PROFILE\nis of length PORT_PROFILE_MAX and that the nl attributes\nIFLA_PORT_INSTANCE_UUID, IFLA_PORT_HOST_UUID are of length PORT_UUID_MAX.\nThese attributes are validated (in the function do_setlink in rtnetlink.c)\nusing the nla_policy ifla_port_policy. The policy defines IFLA_PORT_PROFILE\nas NLA_STRING, IFLA_PORT_INSTANCE_UUID as NLA_BINARY and\nIFLA_PORT_HOST_UUID as NLA_STRING. That means that the length validation\nusing the policy is for the max size of the attributes and not on exact\nsize so the length of these attributes might be less than the sizes that\nenic_set_vf_port expects. This might cause an out of bands\nread access in the memcpys of the data of these\nattributes in enic_set_vf_port.

See more information about CVE-2024-38659 from MITRE CVE dictionary and NIST NVD

CVSS Scoring

NOTE: The following CVSS v3.1 metrics and score provided are preliminary and subject to review.

Base Score:	5.5	CVSS Vector:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector:	Local network	Attack Complexity:	Low
Privileges Required:	Low	User Interaction:	None
Scope:	Unchanged	Confidentiality Impact:	None
Integrity Impact:	None	Availability Impact:	High

Errata information

Platform	Errata	Release Date
Oracle Linux version 7 (kernel-uek)	ELSA-2024-12581	2024-08-12
Oracle Linux version 7 (kernel-uek)	ELSA-2024-12611	2024-09-11
Oracle Linux version 7 (kernel-uek-container)	ELSA-2024-12585	2024-08-12
Oracle Linux version 8 (kernel-uek)	ELSA-2024-12581	2024-08-12
Oracle Linux version 8 (kernel-uek-container)	ELSA-2024-12584	2024-08-12