Launchpad CVE tracker

CVE 2011-2189

net/core/net_namespace.c in the Linux kernel 2.6.32 and earlier does not properly handle a high rate of creation and cleanup of network namespaces, which makes it easier for remote attackers to cause a denial of service (memory consumption) via requests to a daemon that requires a separate namespace per connection, as demonstrated by vsftpd.

Related bugs and status

CVE-2011-2189 (Candidate) is related to these bugs:

Bug #790863: Unable to start lxc container after update to 2.6.32-32

		In	Importance	Status
790863	Unable to start lxc container after update to 2.6.32-32	linux (Ubuntu)	High	Fix Released
790863	Unable to start lxc container after update to 2.6.32-32	vsftpd (Ubuntu)	High	Fix Released
790863	Unable to start lxc container after update to 2.6.32-32	linux (Ubuntu Lucid)	High	Fix Released
790863	Unable to start lxc container after update to 2.6.32-32	vsftpd (Ubuntu Lucid)	High	Fix Released
790863	Unable to start lxc container after update to 2.6.32-32	linux (Ubuntu Precise)	High	Fix Released
790863	Unable to start lxc container after update to 2.6.32-32	vsftpd (Ubuntu Precise)	High	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2011-2189

References