RHSA-2022:4801: Red Hat Security Advisory: rsyslog security update

An update for rsyslog is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-24903: rsyslog: Heap-based overflow in TCP syslog server
Red Hat Security Data

Issued:

2022-05-30

Updated:

2022-05-30

RHSA-2022:4801 - Security Advisory

Synopsis

Important: rsyslog security update

Type/Severity

Security Advisory: Important

Topic

An update for rsyslog is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine-grained control over output format.

Security Fix(es):

  • rsyslog: Heap-based overflow in TCP syslog server (CVE-2022-24903)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1 ppc64le
  • Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions 8.1 x86_64

Fixes

  • BZ - 2081353 - CVE-2022-24903 rsyslog: Heap-based overflow in TCP syslog server

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1

SRPM

  • rsyslog-8.37.0-13.el8_1.1.src.rpm

ppc64le

  • rsyslog-8.37.0-13.el8_1.1.ppc64le.rpm
  • rsyslog-crypto-8.37.0-13.el8_1.1.ppc64le.rpm
  • rsyslog-crypto-debuginfo-8.37.0-13.el8_1.1.ppc64le.rpm
  • rsyslog-debuginfo-8.37.0-13.el8_1.1.ppc64le.rpm
  • rsyslog-debugsource-8.37.0-13.el8_1.1.ppc64le.rpm
  • rsyslog-doc-8.37.0-13.el8_1.1.noarch.rpm
  • rsyslog-elasticsearch-8.37.0-13.el8_1.1.ppc64le.rpm
  • rsyslog-elasticsearch-debuginfo-8.37.0-13.el8_1.1.ppc64le.rpm
  • rsyslog-gnutls-8.37.0-13.el8_1.1.ppc64le.rpm
  • rsyslog-gnutls-debuginfo-8.37.0-13.el8_1.1.ppc64le.rpm
  • rsyslog-gssapi-8.37.0-13.el8_1.1.ppc64le.rpm
  • rsyslog-gssapi-debuginfo-8.37.0-13.el8_1.1.ppc64le.rpm
  • rsyslog-kafka-8.37.0-13.el8_1.1.ppc64le.rpm
  • rsyslog-kafka-debuginfo-8.37.0-13.el8_1.1.ppc64le.rpm
  • rsyslog-mmaudit-8.37.0-13.el8_1.1.ppc64le.rpm
  • rsyslog-mmaudit-debuginfo-8.37.0-13.el8_1.1.ppc64le.rpm
  • rsyslog-mmjsonparse-8.37.0-13.el8_1.1.ppc64le.rpm
  • rsyslog-mmjsonparse-debuginfo-8.37.0-13.el8_1.1.ppc64le.rpm
  • rsyslog-mmkubernetes-8.37.0-13.el8_1.1.ppc64le.rpm
  • rsyslog-mmkubernetes-debuginfo-8.37.0-13.el8_1.1.ppc64le.rpm
  • rsyslog-mmnormalize-8.37.0-13.el8_1.1.ppc64le.rpm
  • rsyslog-mmnormalize-debuginfo-8.37.0-13.el8_1.1.ppc64le.rpm
  • rsyslog-mmsnmptrapd-8.37.0-13.el8_1.1.ppc64le.rpm
  • rsyslog-mmsnmptrapd-debuginfo-8.37.0-13.el8_1.1.ppc64le.rpm
  • rsyslog-mysql-8.37.0-13.el8_1.1.ppc64le.rpm
  • rsyslog-mysql-debuginfo-8.37.0-13.el8_1.1.ppc64le.rpm
  • rsyslog-pgsql-8.37.0-13.el8_1.1.ppc64le.rpm
  • rsyslog-pgsql-debuginfo-8.37.0-13.el8_1.1.ppc64le.rpm
  • rsyslog-relp-8.37.0-13.el8_1.1.ppc64le.rpm
  • rsyslog-relp-debuginfo-8.37.0-13.el8_1.1.ppc64le.rpm
  • rsyslog-snmp-8.37.0-13.el8_1.1.ppc64le.rpm
  • rsyslog-snmp-debuginfo-8.37.0-13.el8_1.1.ppc64le.rpm

Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions 8.1

SRPM

  • rsyslog-8.37.0-13.el8_1.1.src.rpm

x86_64

  • rsyslog-8.37.0-13.el8_1.1.x86_64.rpm
  • rsyslog-crypto-8.37.0-13.el8_1.1.x86_64.rpm
  • rsyslog-crypto-debuginfo-8.37.0-13.el8_1.1.x86_64.rpm
  • rsyslog-debuginfo-8.37.0-13.el8_1.1.x86_64.rpm
  • rsyslog-debugsource-8.37.0-13.el8_1.1.x86_64.rpm
  • rsyslog-doc-8.37.0-13.el8_1.1.noarch.rpm
  • rsyslog-elasticsearch-8.37.0-13.el8_1.1.x86_64.rpm
  • rsyslog-elasticsearch-debuginfo-8.37.0-13.el8_1.1.x86_64.rpm
  • rsyslog-gnutls-8.37.0-13.el8_1.1.x86_64.rpm
  • rsyslog-gnutls-debuginfo-8.37.0-13.el8_1.1.x86_64.rpm
  • rsyslog-gssapi-8.37.0-13.el8_1.1.x86_64.rpm
  • rsyslog-gssapi-debuginfo-8.37.0-13.el8_1.1.x86_64.rpm
  • rsyslog-kafka-8.37.0-13.el8_1.1.x86_64.rpm
  • rsyslog-kafka-debuginfo-8.37.0-13.el8_1.1.x86_64.rpm
  • rsyslog-mmaudit-8.37.0-13.el8_1.1.x86_64.rpm
  • rsyslog-mmaudit-debuginfo-8.37.0-13.el8_1.1.x86_64.rpm
  • rsyslog-mmjsonparse-8.37.0-13.el8_1.1.x86_64.rpm
  • rsyslog-mmjsonparse-debuginfo-8.37.0-13.el8_1.1.x86_64.rpm
  • rsyslog-mmkubernetes-8.37.0-13.el8_1.1.x86_64.rpm
  • rsyslog-mmkubernetes-debuginfo-8.37.0-13.el8_1.1.x86_64.rpm
  • rsyslog-mmnormalize-8.37.0-13.el8_1.1.x86_64.rpm
  • rsyslog-mmnormalize-debuginfo-8.37.0-13.el8_1.1.x86_64.rpm
  • rsyslog-mmsnmptrapd-8.37.0-13.el8_1.1.x86_64.rpm
  • rsyslog-mmsnmptrapd-debuginfo-8.37.0-13.el8_1.1.x86_64.rpm
  • rsyslog-mysql-8.37.0-13.el8_1.1.x86_64.rpm
  • rsyslog-mysql-debuginfo-8.37.0-13.el8_1.1.x86_64.rpm
  • rsyslog-pgsql-8.37.0-13.el8_1.1.x86_64.rpm
  • rsyslog-pgsql-debuginfo-8.37.0-13.el8_1.1.x86_64.rpm
  • rsyslog-relp-8.37.0-13.el8_1.1.x86_64.rpm
  • rsyslog-relp-debuginfo-8.37.0-13.el8_1.1.x86_64.rpm
  • rsyslog-snmp-8.37.0-13.el8_1.1.x86_64.rpm
  • rsyslog-snmp-debuginfo-8.37.0-13.el8_1.1.x86_64.rpm

The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.

Related news

Gentoo Linux Security Advisory 202408-28

Gentoo Linux Security Advisory 202408-28 - A vulnerability has been discovered in rsyslog, which could possibly lead to remote code execution. Versions greater than or equal to 8.2206.0 are affected.

CVE-2022-43908: Security Bulletin: IBM Security Guardium is affected by several vulnerabilities

IBM Security Guardium 11.3 could allow an authenticated user to cause a denial of service due to improper input validation. IBM X-Force ID: 240903.

RHSA-2023:3742: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.13.0 security and bug fix update

Updated images that include numerous enhancements, security, and bug fixes are now available in Red Hat Container Registry for Red Hat OpenShift Data Foundation 4.13.0 on Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2020-16250: A flaw was found in Vault and Vault Enterprise (“Vault”). In the affected versions of Vault, with the AWS Auth Method configured and under certain circumstances, the values relied upon by Vault to validate AWS IAM ident...

CVE-2022-4780: ISOS release notes - Elvexys SA

ISOS firmwares from versions 1.81 to 2.00 contain hardcoded credentials from embedded StreamX installer that integrators are not forced to change.

Red Hat Security Advisory 2022-5069-01

Red Hat Security Advisory 2022-5069-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.0. Issues addressed include code execution, cross site scripting, denial of service, information leakage, and traversal vulnerabilities.

RHSA-2022:5069: Red Hat Security Advisory: OpenShift Container Platform 4.11.0 bug fix and security update

Red Hat OpenShift Container Platform release 4.11.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2021-23566: nanoid: Information disclosure via valueOf() function
  • CVE-2021-23648: sanitize-url: XSS
  • CVE-2021-41190: opencontainers: OCI manifest and index parsing confusion
  • CVE-2021-44906:...

RHSA-2022:5439: Red Hat Security Advisory: RHV-H security update (redhat-virtualization-host) 4.3.23

An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2018-25032: zlib: A flaw found in zlib when compressing (not decompressing) certain inputs
  • CVE-2022-1271: gzip: arbitrary-file-write vulnerability
  • CVE-2022-1966: kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root
  • CVE-2...

Red Hat Security Advisory 2022-4896-01

Red Hat Security Advisory 2022-4896-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include heap overflow, out of bounds write, and use-after-free vulnerabilities.

RHSA-2022:4896: Red Hat Security Advisory: Red Hat Virtualization security, bug fix, and enhancement update [ovirt-4.5.0]

An update for imgbased, redhat-release-virtualization-host, and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2018-25032: zlib: A flaw found in zlib when compressing (not decompressing) certain inputs
  • CVE-2021-4028: kernel: use-after-free in RDMA listen()
  • CVE-2021-4083: kernel: fget: check that the fd still exists after getting a ref to it
  • CVE-2022-0778: openssl:...

Red Hat Security Advisory 2022-4808-01

Red Hat Security Advisory 2022-4808-01 - The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine-grained control over output format. The rsyslog7 packages provide an enhanced, multi-threaded syslog daemon. It supports on-demand disk buffering, reliable syslog over TCP, SSL, TLS and RELP, writing to databases, email alerting, fully configurable output formats, the ability to filter on any part of the syslog message, on-the-wire message compression, and the ability to convert text files to syslog. Issues addressed include a heap overflow vulnerability.

Red Hat Security Advisory 2022-4795-01

Red Hat Security Advisory 2022-4795-01 - The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine-grained control over output format. Issues addressed include a heap overflow vulnerability.

Red Hat Security Advisory 2022-4803-01

Red Hat Security Advisory 2022-4803-01 - The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine-grained control over output format. Issues addressed include a heap overflow vulnerability.

Red Hat Security Advisory 2022-4801-01

Red Hat Security Advisory 2022-4801-01 - The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine-grained control over output format. Issues addressed include a heap overflow vulnerability.

RHSA-2022:4799: Red Hat Security Advisory: rsyslog security update

An update for rsyslog is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-24903: rsyslog: Heap-based overflow in TCP syslog server

RHSA-2022:4802: Red Hat Security Advisory: rsyslog security update

An update for rsyslog is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-24903: rsyslog: Heap-based overflow in TCP syslog server

RHSA-2022:4800: Red Hat Security Advisory: rsyslog security update

An update for rsyslog is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-24903: rsyslog: Heap-based overflow in TCP syslog server

RHSA-2022:4803: Red Hat Security Advisory: rsyslog security update

An update for rsyslog is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-24903: rsyslog: Heap-based overflow in TCP syslog server

RHSA-2022:4795: Red Hat Security Advisory: rsyslog security update

An update for rsyslog is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-24903: rsyslog: Heap-based overflow in TCP syslog server

Ubuntu Security Notice USN-5404-2

Ubuntu Security Notice 5404-2 - USN-5404-1 addressed a vulnerability in Rsyslog. This update provides the corresponding update for Ubuntu 16.04 ESM. Pieter Agten discovered that Rsyslog incorrectly handled certain requests. An attacker could possibly use this issue to cause a crash.

CVE-2022-24903

Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used. This can result in a segfault or some other malfunction. As of our understanding, this vulnerability can not be used for remote code execution. But there may still be a slight chance for experts to do that. The bug occurs when the octet count is read. While there is a check for the maximum number of octets, digits are written to a heap buffer even when the octet count is over the maximum. This can be used to overrun the memory buffer. However, once the sequence of digits stops, no additional characters can be added to the buffer. In our opinion, this makes remote exploits impossible or at least highly complex. Octet-counted framing is one of two potential framing modes. It is relatively uncommon, but enabled by default on receivers. Modules `imtcp`, `imptcp`, `imgssapi`, and `imhttp` are used for regular syslog message reception. ...
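The pattern described above is a check on the octet count's value that does not bound what gets written into the digit store. As an added example, not rsyslog's own code, here is a defensively written reader for RFC 6587 octet-counted framing in C that rejects a frame before its fixed-size digit buffer can be exceeded; the limits MAX_OCTETS and MAX_DIGITS, the function names and the sample inputs are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed limits for this example, not rsyslog configuration values:
   the largest frame accepted and the number of decimal digits needed for it. */
#define MAX_OCTETS 8192
#define MAX_DIGITS 5

typedef enum {
    FRAME_OK,         /* a complete frame was parsed */
    FRAME_NEED_MORE,  /* more input is needed before a decision can be made */
    FRAME_TOO_LONG,   /* the count exceeds MAX_OCTETS or has too many digits */
    FRAME_BAD         /* the input is not octet-counted framing */
} frame_status;

/* Parse one octet-counted frame, "<count> <message>", from buf.
   The digit store is fixed-size, like the buffer in the bug described above,
   so two checks guard it: the accumulated value is compared against
   MAX_OCTETS, and the number of digits stored is compared against MAX_DIGITS.
   The second check is what protects against a long run of leading zeros,
   where the value never grows but digits keep arriving. */
frame_status parse_octet_counted(const char *buf, size_t buflen,
                                 const char **msg, size_t *msglen)
{
    char digits[MAX_DIGITS + 1];
    size_t ndigits = 0, count = 0, i = 0;

    while (i < buflen && buf[i] >= '0' && buf[i] <= '9') {
        if (ndigits >= MAX_DIGITS)        /* bound the store, not only the value */
            return FRAME_TOO_LONG;
        digits[ndigits++] = buf[i];
        count = count * 10 + (size_t)(buf[i] - '0');
        if (count > MAX_OCTETS)           /* bound the value as well */
            return FRAME_TOO_LONG;
        i++;
    }
    digits[ndigits] = '\0';

    if (ndigits == 0)
        return FRAME_BAD;                 /* no count: not octet-counted framing */
    if (i == buflen)
        return FRAME_NEED_MORE;           /* count not yet terminated */
    if (buf[i] != ' ')
        return FRAME_BAD;                 /* a single space must follow the count */
    i++;
    if (buflen - i < count)
        return FRAME_NEED_MORE;           /* body not fully received yet */

    *msg = buf + i;
    *msglen = count;
    return FRAME_OK;
}

/* Helper for NUL-terminated sample input: returns the body length on success
   and -1 otherwise, and reports the status through *status when given. */
long parse_cstr(const char *s, frame_status *status)
{
    const char *msg = NULL;
    size_t len = 0;
    frame_status st = parse_octet_counted(s, strlen(s), &msg, &len);
    if (status) *status = st;
    return st == FRAME_OK ? (long)len : -1L;
}

/* Status of one sample input as an int, for quick checks. */
int status_of(const char *s)
{
    frame_status st;
    (void)parse_cstr(s, &st);
    return (int)st;
}

int main(void)
{
    /* Constructed samples: a valid frame, an oversized count, a run of leading
       zeros that would overrun an unbounded digit store, and a partial body. */
    const char *samples[] = { "5 hello", "99999999999999 x", "000000000001 x", "5 hel" };
    for (size_t k = 0; k < sizeof samples / sizeof samples[0]; k++)
        printf("%-18s -> status %d, body length %ld\n",
               samples[k], status_of(samples[k]), parse_cstr(samples[k], NULL));
    return 0;
}
```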

CVE-2011-4623: rsyslog/ChangeLog at master · rsyslog/rsyslog

Integer overflow in the rsCStrExtendBuf function in runtime/stringbuf.c in the imfile module in rsyslog 4.x before 4.6.6, 5.x before 5.7.4, and 6.x before 6.1.4 allows local users to cause a denial of service (daemon hang) via a large file, which triggers a heap-based buffer overflow.