CVE-2016-6213

CVSS v3.0 4.7 (Medium)

CVSS v2.0 4.7 (Medium)

EPSS 0.04 % (5^th)

Affected Products 1

Advisories 12

fs/namespace.c in the Linux kernel before 4.9 does not restrict how many mounts may exist in a mount namespace, which allows local users to cause a denial of service (memory consumption and deadlock) via MS_BIND mount system calls, as demonstrated by a loop that triggers exponential growth in the number of mounts.

Weaknesses

CWE-400: Uncontrolled Resource Consumption

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2016-12-28 07:59:00
(7 years ago)
Updated Date: 2018-01-05 02:31:05
(6 years ago)

Affected Products

Linux

Linux Kernel

Configuration #1

		CPE23	From	Up To
	Linux Kernel 4.8.15 and prior versions	cpe:2.3:o:linux:linux_kernel		<= 4.8.15