Vulnetix
Try Vulnetix Request Demo
CVE-2016-6213 PUBLISHED

fs/namespace.c in the Linux kernel before 4.9 does not restrict how many mounts may exist in a mount namespace, which allows local users to cause a denial of service (memory consumption and deadlock) via MS_BIND mount system calls, as demonstrated by a loop that triggers exponential growth in the number of mounts.

EPSS 0.04% · 11.8th percentile

Risk Scores

EPSS Score
0.04%
11.8th percentile

Affected Products

VendorProductVersions
Ubuntu:18.04:LTSlinux-azure4.18.0-1014.14~18.04.1, 5.0.0-1035.37, 5.0.0-1032.34
Ubuntu:18.04:LTSlinux-gcp4.15.0-1044.70, 4.15.0-1001.1, 4.15.0-1003.3
Ubuntu:22.04:LTSlinux-intel-iot-realtime5.15.0-1073.75, 0
Ubuntu:20.04:LTSlinux-gke5.4.0-1044.46, 5.4.0-1105.112, 5.4.0-1104.111
Ubuntu:18.04:LTSlinux-hwe-edge5.3.0-23.25~18.04.2, 5.3.0-24.26~18.04.2, 0
Ubuntu:24.04:LTSlinux-azure-6.116.11.0-1017.17~24.04.1, 6.11.0-1015.15~24.04.1, 6.11.0-1014.14~24.04.1
Ubuntu:22.04:LTSlinux-realtime5.15.0-1032.35, 0
Ubuntu:20.04:LTSlinux-riscv5.4.0-26.30, 5.4.0-24.28, 0
Ubuntu:14.04:LTSlinux3.12.0-5.13, 3.12.0-4.12, 3.12.0-4.10
Ubuntu:20.04:LTSlinux-gkeop5.4.0-1026.27, 0, 5.4.0-1008.9
Ubuntu:16.04:LTSlinux4.4.0-6.21, 4.4.0-38.57, 4.4.0-42.62
Ubuntu:24.04:LTSlinux-raspi-realtime6.8.0-2019.20, 0
Ubuntu:14.04:LTSlinux-lts-xenial4.4.0-22.39~14.04.1, 0, 4.4.0-13.29~14.04.1
Ubuntu:24.04:LTSlinux-lowlatency-hwe-6.116.11.0-1016.17~24.04.1, 6.11.0-1015.16~24.04.2, 6.11.0-1014.15~24.04.1
Ubuntu:16.04:LTSlinux-raspi24.4.0-1004.5, 4.4.0-1003.4, 4.3.0-1006.6
Ubuntu:24.04:LTSlinux-riscv6.8.0-51.52.1, 6.8.0-49.49.1, 6.8.0-48.48.1
Ubuntu:16.04:LTSlinux-snapdragon4.4.0-1012.12, 4.4.0-1013.14, 4.4.0-1013.15
Ubuntu:24.04:LTSlinux-gcp-6.116.11.0-1015.15~24.04.1, 6.11.0-1017.17~24.04.1, 0
Ubuntu:22.04:LTSlinux-riscv5.13.0-1004.4, 5.15.0-1007.7, 5.15.0-1008.8
Ubuntu:18.04:LTSlinux-hwe5.0.0-29.31~18.04.1, 5.0.0-27.28~18.04.1, 5.3.0-26.28~18.04.1

…and 6 more

Timeline

References

Open in Interactive Console →