8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.227 Low
EPSS
Percentile
96.4%
Issue Overview:
A flaw was found in the way rsyslog handled invalid log message priority values. In certain configurations, a local attacker, or a remote attacker able to connect to the rsyslog port, could use this flaw to crash the rsyslog daemon or, potentially in rsyslog 7.x, execute arbitrary code as the user running the rsyslog daemon. (CVE-2014-3634)
A flaw was found in rsyslog’s reception TCP modules. This flaw allows an attacker to craft a malicious message leading to a heap-based buffer overflow. This issue allows the attacker to corrupt or access data stored in memory, leading to a denial of service in the rsyslog or possible remote code execution. (CVE-2022-24903)
Affected Packages:
rsyslog
Note:
This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories.
Issue Correction:
Run yum update rsyslog to update your system.
New Packages:
aarch64:
rsyslog-8.24.0-57.amzn2.2.0.1.aarch64
rsyslog-crypto-8.24.0-57.amzn2.2.0.1.aarch64
rsyslog-elasticsearch-8.24.0-57.amzn2.2.0.1.aarch64
rsyslog-mmjsonparse-8.24.0-57.amzn2.2.0.1.aarch64
rsyslog-mmnormalize-8.24.0-57.amzn2.2.0.1.aarch64
rsyslog-mmaudit-8.24.0-57.amzn2.2.0.1.aarch64
rsyslog-mmsnmptrapd-8.24.0-57.amzn2.2.0.1.aarch64
rsyslog-libdbi-8.24.0-57.amzn2.2.0.1.aarch64
rsyslog-mysql-8.24.0-57.amzn2.2.0.1.aarch64
rsyslog-pgsql-8.24.0-57.amzn2.2.0.1.aarch64
rsyslog-gssapi-8.24.0-57.amzn2.2.0.1.aarch64
rsyslog-relp-8.24.0-57.amzn2.2.0.1.aarch64
rsyslog-gnutls-8.24.0-57.amzn2.2.0.1.aarch64
rsyslog-snmp-8.24.0-57.amzn2.2.0.1.aarch64
rsyslog-udpspoof-8.24.0-57.amzn2.2.0.1.aarch64
rsyslog-kafka-8.24.0-57.amzn2.2.0.1.aarch64
rsyslog-mmkubernetes-8.24.0-57.amzn2.2.0.1.aarch64
rsyslog-debuginfo-8.24.0-57.amzn2.2.0.1.aarch64
i686:
rsyslog-8.24.0-57.amzn2.2.0.1.i686
rsyslog-crypto-8.24.0-57.amzn2.2.0.1.i686
rsyslog-elasticsearch-8.24.0-57.amzn2.2.0.1.i686
rsyslog-mmjsonparse-8.24.0-57.amzn2.2.0.1.i686
rsyslog-mmnormalize-8.24.0-57.amzn2.2.0.1.i686
rsyslog-mmaudit-8.24.0-57.amzn2.2.0.1.i686
rsyslog-mmsnmptrapd-8.24.0-57.amzn2.2.0.1.i686
rsyslog-libdbi-8.24.0-57.amzn2.2.0.1.i686
rsyslog-mysql-8.24.0-57.amzn2.2.0.1.i686
rsyslog-pgsql-8.24.0-57.amzn2.2.0.1.i686
rsyslog-gssapi-8.24.0-57.amzn2.2.0.1.i686
rsyslog-relp-8.24.0-57.amzn2.2.0.1.i686
rsyslog-gnutls-8.24.0-57.amzn2.2.0.1.i686
rsyslog-snmp-8.24.0-57.amzn2.2.0.1.i686
rsyslog-udpspoof-8.24.0-57.amzn2.2.0.1.i686
rsyslog-kafka-8.24.0-57.amzn2.2.0.1.i686
rsyslog-mmkubernetes-8.24.0-57.amzn2.2.0.1.i686
rsyslog-debuginfo-8.24.0-57.amzn2.2.0.1.i686
noarch:
rsyslog-doc-8.24.0-57.amzn2.2.0.1.noarch
src:
rsyslog-8.24.0-57.amzn2.2.0.1.src
x86_64:
rsyslog-8.24.0-57.amzn2.2.0.1.x86_64
rsyslog-crypto-8.24.0-57.amzn2.2.0.1.x86_64
rsyslog-elasticsearch-8.24.0-57.amzn2.2.0.1.x86_64
rsyslog-mmjsonparse-8.24.0-57.amzn2.2.0.1.x86_64
rsyslog-mmnormalize-8.24.0-57.amzn2.2.0.1.x86_64
rsyslog-mmaudit-8.24.0-57.amzn2.2.0.1.x86_64
rsyslog-mmsnmptrapd-8.24.0-57.amzn2.2.0.1.x86_64
rsyslog-libdbi-8.24.0-57.amzn2.2.0.1.x86_64
rsyslog-mysql-8.24.0-57.amzn2.2.0.1.x86_64
rsyslog-pgsql-8.24.0-57.amzn2.2.0.1.x86_64
rsyslog-gssapi-8.24.0-57.amzn2.2.0.1.x86_64
rsyslog-relp-8.24.0-57.amzn2.2.0.1.x86_64
rsyslog-gnutls-8.24.0-57.amzn2.2.0.1.x86_64
rsyslog-snmp-8.24.0-57.amzn2.2.0.1.x86_64
rsyslog-udpspoof-8.24.0-57.amzn2.2.0.1.x86_64
rsyslog-kafka-8.24.0-57.amzn2.2.0.1.x86_64
rsyslog-mmkubernetes-8.24.0-57.amzn2.2.0.1.x86_64
rsyslog-debuginfo-8.24.0-57.amzn2.2.0.1.x86_64
Red Hat: CVE-2014-3634, CVE-2022-24903
Mitre: CVE-2014-3634, CVE-2022-24903
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.227 Low
EPSS
Percentile
96.4%