CVE-2024-38659
HIGHDescription
In the Linux kernel, the following vulnerability has been resolved: enic: Validate length of nl attributes in enic_set_vf_port enic_set_vf_port assumes that the nl attribute IFLA_PORT_PROFILE is of length PORT_PROFILE_MAX and that the nl attributes IFLA_PORT_INSTANCE_UUID, IFLA_PORT_HOST_UUID are of length PORT_UUID_MAX. These attributes are validated (in the function do_setlink in rtnetlink.c) using the nla_policy ifla_port_policy. The policy defines IFLA_PORT_PROFILE as NLA_STRING, IFLA_PORT_INSTANCE_UUID as NLA_BINARY and IFLA_PORT_HOST_UUID as NLA_STRING. That means that the length validation using the policy is for the max size of the attributes and not on exact size so the length of these attributes might be less than the sizes that enic_set_vf_port expects. This might cause an out of bands read access in the memcpys of the data of these attributes in enic_set_vf_port.
How to fix
Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.
CVSS v3 Vector
Exploitability
Impact
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Exploit Intelligence
Low risk: more likely to be exploited than 16% of all known CVEs.
References
Related Vulnerabilities
Other CWE-1284 vulnerabilities, ordered by exploit likelihood. View all
| CVE | Severity | CVSS | EPSS | Exploited | Fix |
|---|---|---|---|---|---|
| CVE-2022-20699 | Critical | 10.0 | 72% | KEV | - |
| CVE-2021-43267 | Critical | 9.8 | 58% | - | Fix |
| CVE-2022-31629 | Medium | 6.5 | 49% | - | Fix |
| CVE-2025-9316 | Unscored | - | 37% | - | - |
| CVE-2022-36620 | High | 7.5 | 23% | - | - |
| CVE-2008-1440 | High | 7.1 | 23% | - | - |
Embed a live status badge for CVE-2024-38659
Markdown
[](https://tridentstack.com/cve/CVE-2024-38659)HTML
<a href="https://tridentstack.com/cve/CVE-2024-38659"><img src="https://tridentstack.com/cve/badge/CVE-2024-38659.svg" alt="CVE-2024-38659"></a>Find and fix vulnerabilities across your fleet
TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.
Start freeThis product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2026-05-12.