Amazon Linux 2022 : sysstat (ALAS2022-2022-255)

The version of sysstat installed on the remote host is prior to 12.5.6-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-255 advisory. - sysstat is a set of system performance tools for the Linux operating system. On 32 bit systems, in versions 9.1.16 and newer b...

Remote Code Execution (RCE)

sysstat is vulnerable to remote code execution. The vulnerability exists in allocatestructures function of sacommon.c due to insufficiently checks bounds before arithmetic multiplication which allows an attacker to inject and execute malicious query parameters...

Ubuntu: Security Advisory (USN-5748-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5748-1: Sysstat vulnerability

It was discovered that Sysstat incorrectly handled certain arithmetic multiplications. An attacker could use this issue to cause Sysstat to crash, resulting in a denial of service, or possibly execute arbitrary code...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Sysstat vulnerability (USN-5748-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5748-1 advisory. It was discovered that Sysstat incorrectly handled certain arithmetic multiplications. An attacker could use this issue to cause Sysstat t...

USN-5735-1: Sysstat vulnerability

It was discovered that Sysstat did not properly check bounds when perfoming certain arithmetic operations on 32 bit systems. An attacker could possibly use this issue to cause a crash or arbitrary code execution...

USN-5735-1 sysstat vulnerability

It was discovered that Sysstat did not properly check bounds when perfoming certain arithmetic operations on 32 bit systems. An attacker could possibly use this issue to cause a crash or arbitrary code execution...

Important Photon OS Security Update - PHSA-2022-3.0-0491

Updates of 'sysstat', 'libtiff', 'wireshark' packages of Photon OS have been released...

sysstat: Arbitrary Code Execution

Background sysstat is a package containing a number of performance monitoring utilities for Linux, including sar, mpstat, iostat and sa tools. Description On 32 bit systems, an integer overflow can be triggered when displaying activity data files. Impact Arbitrary code execution can be achieved v...

Updated sysstat packages fix security vulnerability

On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1, allocatestructures contains a sizet overflow in sacommon.c. The allocatestructures function insufficiently checks bounds before arithmetic multiplication, allowing for an overflow in the size allocated for the buffer representin...

sysstat Incorrect Buffer Size calculation on 32-bit systems results in RCE via buffer overflow

...

Fedora: Security Advisory for sysstat (FEDORA-2022-9f3af921a5)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for sysstat (FEDORA-2022-dbe48a4bc7)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for sysstat (FEDORA-2022-5adda2d05f)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Debian dla-3188 : isag - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3188 advisory. - ----------------------------------------------------------------------- Debian LTS Advisory DLA-3188-1 [email protected]...

[SECURITY] [DLA 3188-1] sysstat security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-3188-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta November 14, 2022 https://wiki.debian.org/LTS -...

Slackware: Security Advisory (SSA:2022-313-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[slackware-security] sysstat

New sysstat packages are available for Slackware 14.2, 15.0, and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/sysstat-12.7.1-i586-1slack15.0.txz: Upgraded. On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1,...

CVE-2022-39377

An arithmetic overflow issue was discovered in Sysstat on 32-bit systems. The allocatestructures function in sacommon.c insufficiently checks bounds before arithmetic multiplication, allowing an overflow in the size allocated for the buffer representing system activities. The vulnerability can be...

Slackware Linux 14.2 / 15.0 / current sysstat Vulnerability (SSA:2022-313-01)

The version of sysstat installed on the remote host is prior to 12.7.1. It is, therefore, affected by a vulnerability as referenced in the SSA:2022-313-01 advisory. - sysstat is a set of system performance tools for the Linux operating system. On 32 bit systems, in versions 9.1.16 and newer but...