Vulnerability CVE-2011-2189: Information

Description

net/core/net_namespace.c in the Linux kernel 2.6.32 and earlier does not properly handle a high rate of creation and cleanup of network namespaces, which makes it easier for remote attackers to cause a denial of service (memory consumption) via requests to a daemon that requires a separate namespace per connection, as demonstrated by vsftpd.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2011-2189
Published: Oct. 10, 2011
Modified: Feb. 13, 2023
Error type identifier: CWE-400

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
usbipsisyphus5.10-alt15.10-alt1ALT-PU-2023-1798-1320453Fixed
usbipsisyphus_e2k5.10-alt15.10-alt1ALT-PU-2023-7452-1-Fixed
usbipp105.10-alt15.10-alt1ALT-PU-2023-1903-1320461Fixed
usbipp10_e2k5.10-alt15.10-alt1ALT-PU-2023-7498-1-Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
DSA-2305
  • Third Party Advisory
[oss-security] 20110606 Re: CVE Request -- vsftpd -- Do not create network namespace per connection
  • Mailing List
  • Third Party Advisory
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=629373
  • Exploit
  • Mailing List
  • Third Party Advisory
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/720095
  • Exploit
  • Third Party Advisory
[git-commits-head] 20091208 net: Automatically allocate per namespace data.
  • Broken Link
https://bugzilla.redhat.com/show_bug.cgi?id=711245
  • Exploit
  • Issue Tracking
  • Patch
  • Third Party Advisory
[oss-security] 20110606 Re: CVE Request -- vsftpd -- Do not create network namespace per connection
  • Mailing List
  • Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=711134
  • Exploit
  • Issue Tracking
  • Third Party Advisory
http://patchwork.ozlabs.org/patch/88217/
  • Mailing List
  • Patch
  • Third Party Advisory
http://ie.archive.ubuntu.com/linux/kernel/v2.6/ChangeLog-2.6.33
  • Broken Link
USN-1288-1
  • Third Party Advisory
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f875bae065334907796da12523f9df85c89f5712
    http://neil.brown.name/git?p=linux-2.6%3Ba=patch%3Bh=2b035b39970740722598f7a9d548835f9bdd730f
      http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2b035b39970740722598f7a9d548835f9bdd730f

          1. Configuration 1

            cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
            End including
            2.6.32

            Configuration 2

            cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
            cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*

            Configuration 3

            cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
            cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*
            cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
            cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:*:*:*:*

            Configuration 4

            cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
            cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
            cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
        VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
        Version: v24.4.2
        Back to top