Rsyslog is vulnerable to remote code execution (RCE) due to improper validation of input data when octet-counted framing is used. An attacker could exploit this vulnerability by supplying a system with maliciously crafted messages.

Products Affected.

Brocade SANnav - Fixed in Brocade SANnav 2.2.1

Products Under Investigation.

Brocade ASC Gateway (ASC-G)

Products Confirmed Not Affected.

Brocade Fabric OS.

******Revision History

nessus 57

oraclelinux 4

osv 8

redhat 12

redhatcve 1

cloudlinux 1

openvas 28

cbl_mariner 2

veracode 1

suse 1

ubuntucve 1

debian 2

ubuntu 2

debiancve 1

prion 1

fedora 2

cve 1

almalinux 1

redos 1

freebsd 1

rocky 2

broadcom 1

rosalinux 1

ibm 4

alpinelinux 1

mageia 1

amazon 2

ics 1

oracle 1

nessus

EulerOS 2.0 SP3 : rsyslog (EulerOS-SA-2022-2633)

2022-10-28 00:00:00

EulerOS 2.0 SP9 : rsyslog (EulerOS-SA-2022-2009)

2022-07-08 00:00:00

EulerOS Virtualization 2.9.0 : rsyslog (EulerOS-SA-2022-2400)

2022-09-24 00:00:00

oraclelinux

rsyslog security update

2022-06-30 00:00:00

rsyslog rsyslog7 security update

2022-09-14 00:00:00

rsyslog security update

2022-05-31 00:00:00

osv

CVE-2022-24903

2022-05-06 00:15:07

rsyslog vulnerability

2022-05-05 18:27:25

rsyslog vulnerability

2022-05-24 16:21:20

redhat

(RHSA-2022:4808) Important: rsyslog and rsyslog7 security update

2022-05-31 07:57:01

(RHSA-2022:4800) Important: rsyslog security update

2022-05-30 07:24:19

(RHSA-2022:4795) Important: rsyslog security update

2022-05-30 07:22:28

redhatcve

CVE-2022-24903

2022-05-05 13:36:34

cloudlinux

Fixed CVE-2022-24903 in rsyslog

2022-06-08 19:49:37

openvas

Huawei EulerOS: Security Advisory for rsyslog (EulerOS-SA-2022-2535)

2022-10-10 00:00:00

Huawei EulerOS: Security Advisory for rsyslog (EulerOS-SA-2022-1979)

2022-07-08 00:00:00

Huawei EulerOS: Security Advisory for rsyslog (EulerOS-SA-2022-2145)

2022-07-29 00:00:00

cbl_mariner

CVE-2022-24903 affecting package rsyslog 8.2108.0-2

2022-06-03 17:54:05

CVE-2022-24903 affecting package rsyslog 8.37.0-6

2022-06-15 17:03:08

veracode

Buffer Overflow

2022-05-11 10:43:59

suse

Security update for rsyslog (important)

2022-05-09 00:00:00

ubuntucve

CVE-2022-24903

2022-05-05 00:00:00

debian

[SECURITY] [DSA 5150-1] rsyslog security update

2022-05-28 19:26:20

[SECURITY] [DLA 3016-1] rsyslog security update

2022-05-20 21:58:25

ubuntu

Rsyslog vulnerability

2022-05-24 00:00:00

Rsyslog vulnerability

2022-05-05 00:00:00

debiancve

CVE-2022-24903

2022-05-06 00:15:00

prion

Heap overflow

2022-05-06 00:15:00

fedora

[SECURITY] Fedora 35 Update: rsyslog-8.2204.0-1.fc35

2022-05-17 01:56:45

[SECURITY] Fedora 36 Update: rsyslog-8.2204.0-1.fc36

2022-05-17 01:32:39

cve

CVE-2022-24903

2022-05-06 00:15:00

almalinux

Important: rsyslog security update

2022-05-30 07:24:07

redos

ROS-20240403-16

2024-04-03 00:00:00

freebsd

rsyslog8 -- heap buffer overflow on receiving TCP syslog

2022-05-05 00:00:00

rocky

rsyslog security update

2022-05-30 07:24:07

rsyslog security update

2022-05-30 07:22:28

broadcom

CVE-2022-24903: A flaw in rsyslog TCP module could allow an attacker to craft a malicious message leading to a heap-based buffer overflow. (BSA-2022-2127)

2022-11-08 00:00:00

rosalinux

Advisory ROSA-SA-2024-2381

2024-03-26 11:41:42

ibm

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a buffer overflow in rsyslog [ CVE-2022-24903]

2024-03-28 21:59:28

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a heap-based buffer overflow in rsyslog (CVE-2022-24903).

2023-01-12 21:59:00

Security Bulletin: IBM Security Guardium is affected by several vulnerabilities

2023-09-19 19:45:35

alpinelinux

CVE-2022-24903

2022-05-06 00:15:00

mageia

Updated rsyslog packages fix security vulnerability

2022-05-08 10:58:48

amazon

Important: rsyslog

2022-05-31 23:47:00

Important: rsyslog

2022-05-31 23:50:00

ics

Siemens RUGGEDCOM ROX

2023-07-13 12:00:00

oracle

Oracle Critical Patch Update Advisory - January 2023

2023-01-17 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

JSON

Related for BSA-2022-2127