947 B
947 B
CVE-2011-2189
Description
net/core/net_namespace.c in the Linux kernel 2.6.32 and earlier does not properly handle a high rate of creation and cleanup of network namespaces, which makes it easier for remote attackers to cause a denial of service (memory consumption) via requests to a daemon that requires a separate namespace per connection, as demonstrated by vsftpd.
POC
Reference
- http://kerneltrap.org/mailarchive/git-commits-head/2009/12/8/15289
- https://bugzilla.redhat.com/show_bug.cgi?id=711134
- https://bugzilla.redhat.com/show_bug.cgi?id=711245
Github
No PoCs found on GitHub currently.