Debian Security Advisory 5150-1

Debian Security Advisory 5150-1: Posted May 28, 2022; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5150-1 - Peter Agten discovered that several modules for TCP syslog reception in rsyslog, a system and kernel logging daemon, have buffer overflow flaws when octet-counted framing is used, which could result in denial of service or potentially the execution of arbitrary code.; tags | advisory, denial of service, overflow, arbitrary, kernel, tcp; systems | linux, debian; advisories | CVE-2022-24903; SHA-256 | e4778e769832dd9146a37a7c1719d90772ee712460dc84d2d00fa1c1d0f9272e; Download | Favorite | View

Debian Security Advisory 5150-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5150-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
May 28, 2022                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : rsyslog
CVE ID         : CVE-2022-24903
Debian Bug     : 1010619

Peter Agten discovered that several modules for TCP syslog reception in
rsyslog, a system and kernel logging daemon, have buffer overflow flaws
when octet-counted framing is used, which could result in denial of
service or potentially the execution of arbitrary code.

For the oldstable distribution (buster), this problem has been fixed
in version 8.1901.0-1+deb10u2.

For the stable distribution (bullseye), this problem has been fixed in
version 8.2102.0-2+deb11u1.

We recommend that you upgrade your rsyslog packages.

For the detailed security status of rsyslog please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/rsyslog

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmKSdpRfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0SP/g//eOtveZA6g5gcFhcyACpQ+u7MKT8QowuuxU4gNAoBzUW30obGR7d8L4gQ
GCtT8hH7rekjOf6TcdE62JIt0bxzaOPzRfg1dc1tv7rzvNUfB4qOg8OsPkG0ikRU
VJ/nS0dN+LvPkILop3tMDPJwEdm3D31WXjB2wQbOxEAgd1RNllgY0vKSookne898
zOOjzrRM0mAyFuHGhdm0j7jVk2fC/6DSKAqNXuN5ojHv0gpctcg8wARCzP9zzo37
f/hnN4XtsO1Rs2ASAD0l+I/i2+2MCnlpnIDS7ofox25kw6TngYrRLr2F1eDM9rU7
nA6RPyySy2JtsU3ZS09j0+vb5eOBa4OyqF1QkmcVvg5Se8kPAFCkXCtrjjla4lrD
SYlU8ewo6h5ByDJbCDxA+XX4SqDH/5T5ZV11ifrnvkuxPUUZpC/dYb3N3AZ+YpTH
ZhySCBcUipW9m2kCqxZIK8RP/OXGLTgdRtgRQRN0dstyERMUkYhlK18QcMGwUNcR
+8T8a9YFo/YkbSTGCrHhGOuTVtpeXk0xI13bfdokwwbgrU8qZs3tZg9n7tbgESZY
1IsHwA2uTV+UylLZ/B8FNvXUY7OQwAK1Uu+KJg9cMFE5TEuhqpeieq7r+Sbvfi5b
jpWIa4hBn4CBGwJdyoujAGvXEENIpTGVzAiSZbf4lOajjLKuO+o=
=c/R7
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 235 files
Ubuntu 50 files
Debian 19 files
LiquidWorm 16 files
Apple 9 files
Gentoo 5 files
Alter Prime 3 files
Google Security Research 3 files
Pierre Kim 2 files
EQSTLab 2 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,163)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,945)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,337)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,987)
UNIX (9,475)
UnixWare (188)
Windows (6,784)
Other

Debian Security Advisory 5150-1

Debian Security Advisory 5150-1

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 5150-1

Share This

Debian Security Advisory 5150-1

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems