← Voltar para CVEs
CVE-2011-2189
HIGH7.5
Descricao
net/core/net_namespace.c in the Linux kernel 2.6.32 and earlier does not properly handle a high rate of creation and cleanup of network namespaces, which makes it easier for remote attackers to cause a denial of service (memory consumption) via requests to a daemon that requires a separate namespace per connection, as demonstrated by vsftpd.
Detalhes CVE
Pontuacao CVSS v3.17.5
SeveridadeHIGH
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado10/10/2011
Ultima modificacao4/29/2026
Fontenvd
Avistamentos honeypot0
Produtos afetados
canonical:ubuntu_linuxdebian:debian_linuxlinux:linux_kernelredhat:enterprise_linuxredhat:enterprise_mrg
Fraquezas (CWE)
CWE-400
Referencias
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=629373(secalert@redhat.com)
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2b035b39970740722598f7a9d548835f9bdd730f(secalert@redhat.com)
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f875bae065334907796da12523f9df85c89f5712(secalert@redhat.com)
http://ie.archive.ubuntu.com/linux/kernel/v2.6/ChangeLog-2.6.33(secalert@redhat.com)
http://kerneltrap.org/mailarchive/git-commits-head/2009/12/8/15289(secalert@redhat.com)
http://neil.brown.name/git?p=linux-2.6%3Ba=patch%3Bh=2b035b39970740722598f7a9d548835f9bdd730f(secalert@redhat.com)
http://patchwork.ozlabs.org/patch/88217/(secalert@redhat.com)
http://www.debian.org/security/2011/dsa-2305(secalert@redhat.com)
http://www.openwall.com/lists/oss-security/2011/06/06/10(secalert@redhat.com)
http://www.openwall.com/lists/oss-security/2011/06/06/20(secalert@redhat.com)
http://www.ubuntu.com/usn/USN-1288-1(secalert@redhat.com)
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/720095(secalert@redhat.com)
https://bugzilla.redhat.com/show_bug.cgi?id=711134(secalert@redhat.com)
https://bugzilla.redhat.com/show_bug.cgi?id=711245(secalert@redhat.com)
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=629373(af854a3a-2127-422b-91ae-364da2661108)
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2b035b39970740722598f7a9d548835f9bdd730f(af854a3a-2127-422b-91ae-364da2661108)
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f875bae065334907796da12523f9df85c89f5712(af854a3a-2127-422b-91ae-364da2661108)
http://ie.archive.ubuntu.com/linux/kernel/v2.6/ChangeLog-2.6.33(af854a3a-2127-422b-91ae-364da2661108)
http://kerneltrap.org/mailarchive/git-commits-head/2009/12/8/15289(af854a3a-2127-422b-91ae-364da2661108)
http://neil.brown.name/git?p=linux-2.6%3Ba=patch%3Bh=2b035b39970740722598f7a9d548835f9bdd730f(af854a3a-2127-422b-91ae-364da2661108)
http://patchwork.ozlabs.org/patch/88217/(af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2011/dsa-2305(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2011/06/06/10(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2011/06/06/20(af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/USN-1288-1(af854a3a-2127-422b-91ae-364da2661108)
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/720095(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=711134(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=711245(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.