{
  "threat_severity" : "Low",
  "public_date" : "2011-05-05T00:00:00Z",
  "bugzilla" : {
    "description" : "glibc: svc_run() produces high cpu usage when accept() fails with EMFILE error",
    "id" : "767299",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=767299"
  },
  "cvss" : {
    "cvss_base_score" : "3.3",
    "cvss_scoring_vector" : "AV:A/AC:L/Au:N/C:N/I:N/A:P",
    "status" : "verified"
  },
  "details" : [ "The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause a denial of service (CPU consumption) via a large number of RPC connections.", "A denial of service flaw was found in the remote procedure call (RPC) implementation in glibc. A remote attacker able to open a large number of connections to an RPC service that is using the RPC implementation from glibc, could use this flaw to make that service use an excessive amount of CPU time." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 4",
    "release_date" : "2012-02-13T00:00:00Z",
    "advisory" : "RHSA-2012:0125",
    "cpe" : "cpe:/o:redhat:enterprise_linux:4",
    "package" : "glibc-0:2.3.4-2.57"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5",
    "release_date" : "2012-02-13T00:00:00Z",
    "advisory" : "RHSA-2012:0126",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5",
    "package" : "glibc-0:2.5-65.el5_7.3"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "release_date" : "2012-01-24T00:00:00Z",
    "advisory" : "RHSA-2012:0058",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "package" : "glibc-0:2.12-1.47.el6_2.5"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2011-4609\nhttps://nvd.nist.gov/vuln/detail/CVE-2011-4609" ],
  "name" : "CVE-2011-4609",
  "csaw" : false
}