Debian Bug report logs - #1010619
rsyslog: CVE-2022-24903: Potential heap buffer overflow in TCP syslog server (receiver) components
Package: src:rsyslog;
Maintainer for src:rsyslog is Michael Biebl <biebl@debian.org>;
Reported by: Salvatore Bonaccorso <carnil@debian.org>
Date: Thu, 5 May 2022 15:15:02 UTC
Severity: ...
Peter Agten discovered that several modules for TCP syslog reception in
rsyslog, a system and kernel logging daemon, have buffer overflow flaws
when octet-counted framing is used, which could result in denial of
service or potentially the execution of arbitrary code.
For the oldstable distribution (buster), this problem has been fixed
in version 8 ...
A flaw was found in the way rsyslog handled invalid log message priority values. In certain configurations, a local attacker, or a remote attacker able to connect to the rsyslog port, could use this flaw to crash the rsyslog daemon or, potentially in rsyslog 7.x, execute arbitrary code as the user running the rsyslog daemon (CVE-2014-3634).
A flaw ...
Synopsis
Important: rsyslog and rsyslog7 security update
Type/Severity
Security Advisory: Important
Topic
An update for rsyslog and rsyslog7 is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Red Ha ...
Synopsis
Important: RHV-H security update (redhat-virtualization-host) 4.3.23
Type/Severity
Security Advisory: Important
Topic
An update for redhat-release-virtualization-host and redhat-virtualization-host is now availabl ...
Synopsis
Important: rsyslog security update
Type/Severity
Security Advisory: Important
Topic
An update for rsyslog is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a ...
Synopsis
Important: rsyslog security update
Type/Severity
Security Advisory: Important
Topic
An update for rsyslog is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a ...
Synopsis
Important: rsyslog security update
Type/Severity
Security Advisory: Important
Topic
An update for rsyslog is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Securit ...
Synopsis
Important: OpenShift Container Platform 4.11.0 bug fix and security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Container Platform release 4.11.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Co ...
Synopsis
Moderate: OpenShift Container Platform 4.11.0 extras and security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat OpenShift Container Platform release 4.11.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Conta ...
Synopsis
Important: Red Hat OpenShift Data Foundation 4.13.0 security and bug fix update
Type/Severity
Security Advisory: Important
Topic
Updated images that include numerous enhancements, security, and bug fixes are now available in Red Hat Container Registry for Red Hat OpenShift Data Foundation 4.13.0 on Red Hat Enterprise Linux 9. Red Hat ...
A flaw was found in rsyslog's reception TCP modules. This flaw allows an attacker to craft a malicious message leading to a heap-based buffer overflow. This issue allows the attacker to corrupt or access data stored in memory, leading to a denial of service in the rsyslog or possible remote code execution ...
ALAS-2022-211
Amazon Linux 2022 Security Advisory: ALAS-2022-211
Advisory Release Date: 2022-12-06 16:41 Pacific
...