7.8

CVE-2011-2189

Exploit

net/core/net_namespace.c in the Linux kernel 2.6.32 and earlier does not properly handle a high rate of creation and cleanup of network namespaces, which makes it easier for remote attackers to cause a denial of service (memory consumption) via requests to a daemon that requires a separate namespace per connection, as demonstrated by vsftpd.

Data is provided by the National Vulnerability Database (NVD)
LinuxLinux Kernel Version <= 2.6.32
RedhatEnterprise Linux Version6.0
RedhatEnterprise Mrg Version2.0
CanonicalUbuntu Linux Version10.04
CanonicalUbuntu Linux Version10.10
CanonicalUbuntu Linux Version11.04
CanonicalUbuntu Linux Version11.10
DebianDebian Linux Version5.0
DebianDebian Linux Version6.0
DebianDebian Linux Version7.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 7.25% 0.913
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 7.8 10 6.9
AV:N/AC:L/Au:N/C:N/I:N/A:C
CWE-400 Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=629373
Third Party Advisory
Exploit
Mailing List
http://patchwork.ozlabs.org/patch/88217/
Patch
Third Party Advisory
Mailing List
https://bugzilla.redhat.com/show_bug.cgi?id=711134
Third Party Advisory
Exploit
Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=711245
Patch
Third Party Advisory
Exploit
Issue Tracking