Lucene search
HistoryMay 18, 2023 - 8:15 a.m.
CVE-2023-33204
sysstat
integer overflow
vulnerability
cve-2023-33204
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
7.7
Confidence
High
EPSS
0.005
Percentile
76.6%
sysstat through 12.7.2 allows a multiplication integer overflow in check_overflow in common.c. NOTE: this issue exists because of an incomplete fix for CVE-2022-39377.
Affected configurations
Node
sysstat_projectsysstatRange≤12.7.2
Node
fedoraprojectfedoraMatch37
ORfedoraprojectfedoraMatch38
Node
debiandebian_linuxMatch10.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| sysstat_project | sysstat | * | cpe:2.3:a:sysstat_project:sysstat:*:*:*:*:*:*:*:* |
| fedoraproject | fedora | 37 | cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:* |
| fedoraproject | fedora | 38 | cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:* |
| debian | debian_linux | 10.0 | cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* |
References
github.com/sysstat/sysstat/pull/360
lists.debian.org/debian-lts-announce/2023/05/msg00026.html
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7UUEKMNDMC6RZTI4O367ZD2YKCOX5THX/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NUBFX3UNOSM7KFUIB3J32ASYT5ZRXJQV/
Related
nessus
nessus
RHEL 7 : sysstat (Unpatched Vulnerability)
2024-05-11 00:00:00
Fedora 38 : sysstat (2023-ac947ec260)
2023-07-02 00:00:00
EulerOS 2.0 SP10 : sysstat (EulerOS-SA-2023-2370)
2023-07-18 00:00:00
osv
osv
sysstat vulnerabilities
2023-06-07 13:37:13
CVE-2023-33204
2023-05-18 08:15:08
Moderate: sysstat security and bug fix update
2023-11-14 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for sysstat (EulerOS-SA-2023-2551)
2023-08-03 00:00:00
Huawei EulerOS: Security Advisory for sysstat (EulerOS-SA-2023-2671)
2023-09-05 00:00:00
Mageia: Security Advisory (MGASA-2023-0203)
2023-06-20 00:00:00
redhatcve
redhatcve
CVE-2023-33204
2023-05-18 12:58:00
CVE-2022-39377
2022-11-09 06:56:03
ubuntucve
ubuntucve
CVE-2023-33204
2023-05-18 00:00:00
CVE-2022-39377
2022-11-08 00:00:00
cloudfoundry
cloudfoundry
USN-6145-1: Sysstat vulnerabilities | Cloud Foundry
2023-10-05 00:00:00
USN-5748-1: Sysstat vulnerability | Cloud Foundry
2023-01-19 00:00:00
debiancve
debiancve
CVE-2023-33204
2023-05-18 08:15:08
CVE-2022-39377
2022-11-08 20:15:11
cvelist
cvelist
CVE-2023-33204
2023-05-18 00:00:00
ubuntu
ubuntu
Sysstat vulnerabilities
2023-06-07 00:00:00
Sysstat vulnerability
2022-11-22 00:00:00
Sysstat vulnerability
2022-11-29 00:00:00
mageia
mageia
Updated sysstat packages fix security vulnerability
2023-06-19 19:29:01
Updated sysstat packages fix security vulnerability
2022-11-19 01:50:51
cloudlinux
cloudlinux
sysstat: Fix of 2 CVEs
2023-05-29 16:18:46
cve
cve
CVE-2023-33204
2023-05-18 08:15:08
CVE-2022-39377
2022-11-08 20:15:11
alpinelinux
alpinelinux
CVE-2023-33204
2023-05-18 08:15:08
CVE-2022-39377
2022-11-08 20:15:11
debian
debian
[SECURITY] [DLA 3434-1] sysstat security update
2023-05-27 11:39:38
[SECURITY] [DLA 3188-1] sysstat security update
2022-11-13 21:55:28
prion
prion
Integer overflow
2023-05-18 08:15:00
Out-of-bounds
2022-11-08 20:15:00
amazon
amazon
Important: sysstat
2023-06-05 16:39:00
Medium: sysstat
2023-01-30 16:02:00
cgr
cgr
CVE-2023-33204 vulnerabilities
2024-05-19 03:07:16
almalinux
almalinux
Moderate: sysstat security and bug fix update
2023-11-07 00:00:00
Moderate: sysstat security and bug fix update
2023-11-14 00:00:00
Moderate: sysstat security and bug fix update
2023-05-16 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: sysstat-12.7.4-1.fc38
2023-07-02 01:06:00
[SECURITY] Fedora 36 Update: sysstat-12.5.6-2.fc36
2022-11-18 00:45:50
[SECURITY] Fedora 37 Update: sysstat-12.6.2-2.fc37
2023-07-20 05:18:30
redhat
redhat
(RHSA-2023:7010) Moderate: sysstat security and bug fix update
2023-11-14 08:42:30
(RHSA-2023:2800) Moderate: sysstat security and bug fix update
2023-05-16 05:54:56
(RHSA-2023:2234) Moderate: sysstat security and bug fix update
2023-05-09 05:04:18
veracode
veracode
Integer Overflow
2023-10-11 13:51:01
Remote Code Execution (RCE)
2022-12-06 10:15:53
cbl_mariner
cbl_mariner
CVE-2022-39377 affecting package sysstat for versions less than 12.7.1-1
2022-12-09 00:19:53
CVE-2023-33204 affecting package sysstat for versions less than 12.7.1-2
2023-06-02 21:37:28
CVE-2022-39377 affecting package sysstat 12.3.3-2
2020-11-30 19:30:40
oraclelinux
oraclelinux
sysstat security and bug fix update
2023-11-17 00:00:00
sysstat security and bug fix update
2023-05-24 00:00:00
sysstat security and bug fix update
2023-11-11 00:00:00
slackware
slackware
[slackware-security] sysstat
2022-11-09 21:21:31
wolfi
wolfi
CVE-2023-33204 vulnerabilities
2024-09-27 09:13:12
rosalinux
rosalinux
Advisory ROSA-SA-2024-2402
2024-04-17 13:41:55
Advisory ROSA-SA-2023-2198
2023-07-25 10:17:07
redos
redos
ROS-20240806-04
2024-08-06 00:00:00
nvd
nvd
CVE-2022-39377
2022-11-08 20:15:11
gentoo
gentoo
sysstat: Arbitrary Code Execution
2022-11-22 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2022-4.0-0285
2022-11-20 00:00:00
Important Photon OS Security Update - PHSA-2023-4.0-0408
2023-06-13 00:00:00
Important Photon OS Security Update - PHSA-2022-3.0-0491
2022-11-22 00:00:00
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
7.7
Confidence
High
EPSS
0.005
Percentile
76.6%
Related for NVD:CVE-2023-33204