net/core/net_namespace.c in the Linux kernel 2.6.32 and earlier does not properly handle a high rate of creation and cleanup of network namespaces, which makes it easier for remote attackers to cause a denial of service (memory consumption) via requests to a daemon that requires a separate namespace per connection, as demonstrated by vsftpd.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
13 Feb 2023, 04:30
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
CPE | cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:* |
Information
Published : 2011-10-10 10:55
Updated : 2023-12-10 11:03
NVD link : CVE-2011-2189
Mitre link : CVE-2011-2189
CVE.ORG link : CVE-2011-2189
JSON object : View
Products Affected
canonical
- ubuntu_linux
redhat
- enterprise_linux
- enterprise_mrg
linux
- linux_kernel
debian
- debian_linux
CWE
CWE-400
Uncontrolled Resource Consumption