CVE-2013-4205

2013-08-2503:27:00

CWE-399

[email protected]

web.nvd.nist.gov

linux kernel

cve-2013-4205

memory leak

unshare_userns

denial of service

nvd

5.8 Medium

AI Score

Confidence

Low

4.7 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

Memory leak in the unshare_userns function in kernel/user_namespace.c in the Linux kernel before 3.10.6 allows local users to cause a denial of service (memory consumption) via an invalid CLONE_NEWUSER unshare call.

CPENameOperatorVersion
linux:linux_kernellinux linux kerneleq3.9.0
linux:linux_kernellinux linux kerneleq3.2.21
linux:linux_kernellinux linux kerneleq3.4.30
linux:linux_kernellinux linux kerneleq3.4.4
linux:linux_kernellinux linux kerneleq3.0.25
linux:linux_kernellinux linux kerneleq3.1.2
linux:linux_kernellinux linux kerneleq3.4.11
linux:linux_kernellinux linux kerneleq3.0
linux:linux_kernellinux linux kerneleq3.2.19
linux:linux_kernellinux linux kerneleq3.0.22

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	eq	3.9.0
linux:linux_kernel	linux linux kernel	eq	3.2.21
linux:linux_kernel	linux linux kernel	eq	3.4.30
linux:linux_kernel	linux linux kernel	eq	3.4.4
linux:linux_kernel	linux linux kernel	eq	3.0.25
linux:linux_kernel	linux linux kernel	eq	3.1.2
linux:linux_kernel	linux linux kernel	eq	3.4.11
linux:linux_kernel	linux linux kernel	eq	3.0
linux:linux_kernel	linux linux kernel	eq	3.2.19
linux:linux_kernel	linux linux kernel	eq	3.0.22