Published: 25/01/2019 Updated: 06/10/2022

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which would cause rsyslog to crash. Versions prior to 8.27.0 are vulnerable.

Vulnerable Product	Search on Vulmon	Subscribe to Product
rsyslog rsyslog
redhat enterprise linux desktop 7.0
redhat enterprise linux workstation 7.0
redhat enterprise linux for scientific computing 7.0
redhat enterprise linux server 7.0
redhat enterprise linux for power little endian 7.0
redhat enterprise linux for power big endian 7.0
redhat enterprise linux for ibm z systems 7.0
redhat virtualization manager 4.3
redhat virtualization_host 4.0
redhat virtualization 4.0
debian debian linux 9.0

Synopsis Moderate: rsyslog security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for rsyslog is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) ba ...

Synopsis Important: Red Hat Virtualization security update Type/Severity Security Advisory: Important Topic An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Impo ...

Synopsis Moderate: rhvm-appliance security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Topic An update for rhvm-appliance is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of ...

A denial of service vulnerability was found in rsyslog in the imptcp module An attacker could send a specially crafted message to the imptcp socket, which would cause rsyslog to crash(CVE-2018-16881) ...

CWE-190 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16881 https://access.redhat.com/errata/RHSA-2019:2110 https://access.redhat.com/errata/RHSA-2019:2439 https://access.redhat.com/errata/RHSA-2019:2437 https://access.redhat.com/errata/RHBA-2019:2501 https://lists.debian.org/debian-lts-announce/2022/05/msg00028.html https://nvd.nist.gov https://access.redhat.com/errata/RHSA-2019:2110 https://alas.aws.amazon.com/AL2/ALAS-2019-1369.html

CVE-2018-16881

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect