Vulnerability Name: CVE-2016-6213 (CCN-114989)
Assigned: 2016-07-13
Published: 2016-07-13
Updated: 2018-01-05
Summary: fs/namespace.c in the Linux kernel before 4.9 does not restrict how many mounts may exist in a mount namespace, which allows local users to cause a denial of service (memory consumption and deadlock) via MS_BIND mount system calls, as demonstrated by a loop that triggers exponential growth in the number of mounts.
CVSS v3 Severity:
4.7 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)
4.1 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
3.5 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)
4.1 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
CVSS v2 Severity:
4.7 Medium (CVSS v2 Vector: AV:L/AC:M/Au:N/C:N/I:N/A:C)
Vulnerability Type: CWE-400, CWE-770
Vulnerability Consequences: Denial of Service
References:
Source: MITRE Type: CNA CVE-2016-6213
Source: CONFIRM Type: Patch, Vendor Advisory http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d29216842a85c7970c536108e093963f02714498
Source: CCN Type: oss-sec Mailing List, Wed, 13 Jul 2016 12:59:40 -0400 (EDT) Re: cve request: local DoS by overflowing kernel mount table using shared bind mount
Source: CCN Type: oss-sec Mailing List, Wed, 13 Jul 2016 10:52:44 -0400 (EDT) cve request: local DoS by overflowing kernel mount table using shared bind mount
Source: CCN Type: IBM Security Bulletin T1025263 (PowerKVM) Vulnerabilities in the Linux Kernel affect PowerKVM
Source: CCN Type: IBM Security Bulletin T1026731 (PowerKVM) Vulnerabilities in the Linux kernel affect PowerKVM
Source: CCN Type: IBM Security Bulletin 2011746 (QRadar Network Security) IBM QRadar Network Security is affected by vulnerabilities in Linux kernel
Source: MLIST Type: Mailing List [oss-security] 20160713 Re: cve request: local DoS by overflowing kernel mount table using shared bind mount
Source: BID Type: UNKNOWN 91754
Source: CCN Type: BID-91754 Linux Kernel CVE-2016-6213 Local Denial of Service Vulnerability
Source: REDHAT Type: UNKNOWN RHSA-2017:1842
Source: REDHAT Type: UNKNOWN RHSA-2017:2077
Source: CONFIRM Type: Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=1356471
Source: XF Type: UNKNOWN linux-kernel-cve20166213-dos(114989)
Source: CONFIRM Type: Patch https://github.com/torvalds/linux/commit/d29216842a85c7970c536108e093963f02714498
Source: CCN Type: WhiteSource Vulnerability Database CVE-2016-6213
Vulnerable Configuration:
Configuration 1:
Configuration RedHat 1:
Configuration RedHat 2:
Configuration RedHat 3:
Configuration RedHat 4:
Configuration RedHat 5:
Configuration RedHat 6:
Configuration CCN 1:
Denotes that component is vulnerable