CVE-2011-4609 β€” Glibc vulnerability

CWE-3996 documents6 sources
Severity
5.0MEDIUMNVD
EPSS
0.5%
top 35.22%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
GNU Glibc
Timeline
PublishedMay 2
Latest updateMay 17

Description

The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause a denial of service (CPU consumption) via a large number of RPC connections.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

β–ΆNVDgnu/glibc2.14+14

πŸ”΄Vulnerability Details

2
GHSA
GHSA-crf6-458w-xw5q: The svc_run function in the RPC implementation in glibc before 2β†—2022-05-17
β–Ά
CVEList
CVE-2011-4609: The svc_run function in the RPC implementation in glibc before 2β†—2013-05-02
β–Ά

πŸ“‹Vendor Advisories

2
Ubuntu
GNU C Library vulnerabilities↗2012-03-09
β–Ά
Red Hat
glibc: svc_run() produces high cpu usage when accept() fails with EMFILE error↗2011-05-05
β–Ά

πŸ’¬Community

1
Bugzilla
CVE-2011-4609 glibc: svc_run() produces high cpu usage when accept() fails with EMFILE error↗2011-12-13
β–Ά
CVE-2011-4609 β€” GNU Glibc vulnerability | cvebase