Published: 07/10/2019 Updated: 07/11/2023

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

An issue exists in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon), but fails to account for strings that do not satisfy this constraint. If the string does not match, then the variable lenMsg will reach the value zero and will skip the sanity check that detects invalid log messages. The message will then be considered valid, and the parser will eat up the nonexistent colon delimiter. In doing so, it will decrement lenMsg, a signed integer, whose value was zero and now becomes minus one. The following step in the parser is to shift left the contents of the message. To do this, it will call memmove with the right pointers to the target and destination strings, but the lenMsg will now be interpreted as a huge value, causing a heap overflow.

Vulnerable Product	Search on Vulmon	Subscribe to Product
rsyslog rsyslog 8.1908.0
fedoraproject fedora 30
fedoraproject fedora 31
debian debian linux 9.0
opensuse leap 15.0
opensuse leap 15.1

Debian Bug report logs - #942065 rsyslog: CVE-2019-17042 Package: src:rsyslog; Maintainer for src:rsyslog is Michael Biebl <biebl@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 9 Oct 2019 19:09:02 UTC Severity: normal Tags: security, upstream Found in version rsyslog/819080-1 For ...

Synopsis Moderate: rsyslog security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Topic An update for rsyslog is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring Sy ...

Synopsis Moderate: rsyslog security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Topic An update for rsyslog is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring Sy ...

An issue was discovered in Rsyslog v819080 contrib/pmaixforwardedfrom/pmaixforwardedfromc has a heap overflow in the parser for AIX log messages The parser tries to locate a log message delimiter (in this case, a space or a colon) but fails to account for strings that do not satisfy this constraint If the string does not match, then the varia ...

CWE-20 https://github.com/rsyslog/rsyslog/pull/3883 https://github.com/rsyslog/rsyslog/blob/v8-stable/ChangeLog http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00031.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00032.html https://lists.debian.org/debian-lts-announce/2021/11/msg00030.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W6SUQE25RD37CD24BHKUWMG27U5RQ2FU/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KPNCHI7X2IEXRH6RYD6IDPR4PLB5RPC7/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942065 https://nvd.nist.gov https://alas.aws.amazon.com/AL2/ALAS-2020-1447.html

CVE-2019-17042

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect