Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 480200 (CVE-2013-4205) - Kernel : CLONE_NEWUSER local DoS (CVE-2013-4205)
Summary: Kernel : CLONE_NEWUSER local DoS (CVE-2013-4205)
Status: RESOLVED FIXED
Alias: CVE-2013-4205
Product: Gentoo Security
Classification: Unclassified
Component: Kernel (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Kernel Security
URL: http://www.openwall.com/lists/oss-sec...
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2013-08-07 19:00 UTC by Agostino Sarubbo
Modified: 2022-03-25 15:30 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2013-08-07 19:00:46 UTC
From ${URL} :

spender reported [1] a local DoS triggerable by unprivileged user when
user namespaces are enabled (CONFIG_USER_NS).

  [1] https://twitter.com/grsecurity/status/364566062336978944

Reproducer:

b836010000bb00000010cd80ebf2 is for(;;)unshare(1<<28);
Comment 1 GLSAMaker/CVETool Bot gentoo-dev 2013-08-30 01:08:07 UTC
CVE-2013-4205 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4205):
  Memory leak in the unshare_userns function in kernel/user_namespace.c in the
  Linux kernel before 3.10.6 allows local users to cause a denial of service
  (memory consumption) via an invalid CLONE_NEWUSER unshare call.
Comment 2 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-03-25 15:30:14 UTC
In 3.12 onwards