Amazon Linux 2 : rsyslog (ALAS-2022-1803)

The version of rsyslog installed on the remote host is prior to 8.24.0-57. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1803 advisory. A flaw was found in the way rsyslog handled invalid log message priority values. In certain configurations, a local...

AlmaLinux 8 : rsyslog (ALSA-2022:4799)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:4799 advisory. - Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used. Th...

CVE-2022-24903 affecting package rsyslog for versions less than 8.2204.1-1

CVE-2022-24903 affecting package rsyslog for versions less than 8.2204.1-1. An upgraded version of the package is available that resolves this issue...

rsyslog: Heap-based overflow in TCP syslog server

A flaw was found in rsyslog's reception TCP modules. This flaw allows an attacker to craft a malicious message leading to a heap-based buffer overflow. This issue allows the attacker to corrupt or access data stored in memory, leading to a denial of service in the rsyslog or possible remote code...

RHEL 8 : Red Hat Virtualization security, update [ovirt-4.5.0] (Important) (RHSA-2022:4896)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:4896 advisory. The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host,...

Scientific Linux Security Update : rsyslog on SL7.x x86_64 (2022:4803)

The remote Scientific Linux 7 host has packages installed that are affected by a vulnerability as referenced in the SLSA-2022:4803-1 advisory. - rsyslog: Heap-based overflow in TCP syslog server CVE-2022-24903 Note that Nessus has not tested for this issue but has instead relied only on the...

Important: Red Hat Security Advisory: rsyslog and rsyslog7 security update

An update for rsyslog and rsyslog7 is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

rsyslog security update

8.24.0-57.0.4.el79.3 - Newer gcc complains about implicit declaration of prctl. Added header file to quiesce the compiler 8.24.0-57.3 - Address CVE-2022-24903, Heap-based overflow in TCP syslog server resolves: rhbz2081395...

RHEL 6 : rsyslog and rsyslog7 (RHSA-2022:4808)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:4808 advisory. The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on...

Oracle Linux 7 : rsyslog (ELSA-2022-4803)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-4803 advisory. 8.24.0-57.0.4.el79.3 - Newer gcc complains about implicit declaration of prctl. Added header file to quiesce the compiler 8.24.0-57.3 - Address CVE-2022-24903,...

Debian DSA-5150-1 : rsyslog - security update

The remote Debian 10 / 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5150 advisory. - Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used. This...

Debian: Security Advisory (DSA-5150-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important: Red Hat Security Advisory: rsyslog security update

An update for rsyslog is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

rsyslog: Heap-based overflow in TCP syslog server

A flaw was found in rsyslog's reception TCP modules. This flaw allows an attacker to craft a malicious message leading to a heap-based buffer overflow. This issue allows the attacker to corrupt or access data stored in memory, leading to a denial of service in the rsyslog or possible remote code...

rsyslog: Heap-based overflow in TCP syslog server

A flaw was found in rsyslog's reception TCP modules. This flaw allows an attacker to craft a malicious message leading to a heap-based buffer overflow. This issue allows the attacker to corrupt or access data stored in memory, leading to a denial of service in the rsyslog or possible remote code...

Important: Red Hat Security Advisory: rsyslog security update

An update for rsyslog is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

rsyslog: Heap-based overflow in TCP syslog server

A flaw was found in rsyslog's reception TCP modules. This flaw allows an attacker to craft a malicious message leading to a heap-based buffer overflow. This issue allows the attacker to corrupt or access data stored in memory, leading to a denial of service in the rsyslog or possible remote code...

Important: Red Hat Security Advisory: rsyslog security update

An update for rsyslog is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: rsyslog security update

An update for rsyslog is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

rsyslog: Heap-based overflow in TCP syslog server

A flaw was found in rsyslog's reception TCP modules. This flaw allows an attacker to craft a malicious message leading to a heap-based buffer overflow. This issue allows the attacker to corrupt or access data stored in memory, leading to a denial of service in the rsyslog or possible remote code...