18 matches found
MiracleLinux 9 : logrotate-3.18.0-7.el9 (AXSA:2023-4595:01)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-4595:01 advisory. logrotate: potential DoS from unprivileged users via the state file CVE-2022-1348 Tenable has extracted the preceding description block directly from the...
Oracle Linux 9 : logrotate (ELSA-2022-8393)
The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2022-8393 advisory. - fix potential DoS from unprivileged users via the state file CVE-2022-1348 Mon Aug 09 2021 Mohan Boddu Tenable has extracted the preceding description block...
AlmaLinux 9 : logrotate (ALSA-2022:8393)
The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2022:8393 advisory. - A vulnerability was found in logrotate in how the state file is created. The state file is used to prevent parallel executions of multiple instances of logrotate...
RHEL 9 : logrotate (RHSA-2022:8393)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:8393 advisory. The logrotate utility simplifies the administration of multiple log files by allowing their automatic rotation, compression, removal, and mailing...
Moderate: Red Hat Security Advisory: logrotate security update
An update for logrotate is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
RLSA-2022:8393 Moderate: logrotate security update
The logrotate utility simplifies the administration of multiple log files by allowing their automatic rotation, compression, removal, and mailing. Security Fixes: logrotate: potential DoS from unprivileged users via the state file CVE-2022-1348 For more details about the security issues, includin...
Moderate: logrotate security update
The logrotate utility simplifies the administration of multiple log files by allowing their automatic rotation, compression, removal, and mailing. Security Fixes: logrotate: potential DoS from unprivileged users via the state file CVE-2022-1348 For more details about the security issues, includin...
Amazon Linux 2022 : logrotate (ALAS2022-2022-189)
It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-189 advisory. A vulnerability was found in logrotate in how the state file is created. The state file is used to prevent parallel executions of multiple instances of logrotate by acquiring and releasing a file lock...
openSUSE: Security Advisory for logrotate (SUSE-SU-2022:2396-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLED15 / SLES15 Security Update : logrotate (SUSE-SU-2022:2396-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:2396-1 advisory. - A vulnerability was found in logrotate in how the state file is created. The state file is used to prevent parallel...
CVE-2022-1348 affecting package logrotate 3.18.1-1
CVE-2022-1348 affecting package logrotate 3.18.1-1. An upgraded version of the package is available that resolves this issue...
SUSE-SU-2022:2396-1 Security update for logrotate
This update for logrotate fixes the following issues: Security issues fixed: - CVE-2022-1348: Fixed insecure permissions for state file creation bsc1199652. - Improved coredump handing for SUID binaries bsc1192449. Non-security issues fixed: - Fixed 'logrotate emits unintended warning: keyword si...
SUSE: Security Advisory (SUSE-SU-2022:2396-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2022-1348 affecting package logrotate for versions less than 3.20.1-1
CVE-2022-1348 affecting package logrotate for versions less than 3.20.1-1. An upgraded version of the package is available that resolves this issue...
OESA-2022-1724 logrotate security update
The logrotate utility is designed to simplify the administration of log files on a system which generates a lot of log files. Logrotate allows for the automatic rotation compression, removal and mailing of log files.logrotate Logrotate can be set to handle a log file daily, weekly, monthly or whe...
Ubuntu 22.04 LTS : logrotate vulnerability (USN-5447-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5447-1 advisory. It was discovered that logrotate incorrectly handled the state file. A local attacker could possibly use this issue to keep a lock on the state file and cause...
CVE-2022-1348
CVE-2022-1348 affects logrotate. Root cause: when the state file is missing, logrotate creates it with world-readable permissions, allowing an unprivileged user to lock the state file and halt rotations. Impact: denial of rotation for any files processed by logrotate, potentially disrupting log m...
CVE-2022-1348
A vulnerability was found in logrotate in how the state file is created. The state file is used to prevent parallel executions of multiple instances of logrotate by acquiring and releasing a file lock. When the state file does not exist, it is created with world-readable permission, allowing an...