Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
net/core/net_namespace.c in the Linux kernel 2.6.32 and earlier does not properly handle a high rate of creation and cleanup of network namespaces, which makes it easier for remote attackers to cause a denial of service (memory consumption) via requests to a daemon that requires a separate namespace per connection, as demonstrated by vsftpd.
- http://kerneltrap.org/mailarchive/git-commits-head/2009/12/8/15289
- https://bugzilla.redhat.com/show_bug.cgi?id=711134
- https://bugzilla.redhat.com/show_bug.cgi?id=711245
No PoCs found on GitHub currently.