Medium severity4.7NVD Advisory· Published Dec 28, 2016· Updated May 6, 2026

CVE-2016-6213

Description

fs/namespace.c in the Linux kernel before 4.9 does not restrict how many mounts may exist in a mount namespace, which allows local users to cause a denial of service (memory consumption and deadlock) via MS_BIND mount system calls, as demonstrated by a loop that triggers exponential growth in the number of mounts.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/nvdPatchVendor Advisory
github.com/torvalds/linux/commit/d29216842a85c7970c536108e093963f02714498nvdPatch
www.openwall.com/lists/oss-security/2016/07/13/8nvdMailing List
bugzilla.redhat.com/show_bug.cginvdIssue Tracking
www.securityfocus.com/bid/91754nvd
access.redhat.com/errata/RHSA-2017:1842nvd
access.redhat.com/errata/RHSA-2017:2077nvd

News mentions

No linked articles in our index yet.

cvss	0.306
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000