CVSS: 8.1EPSS: 1%CPEs: 6EXPL: 0CVE-2022-24903 – Buffer overflow in TCP syslog server (receiver) components in rsyslog
https://notcve.org/view.php?id=CVE-2022-24903
05 May 2022 — Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used. This can result in a segfault or some other malfunction. As of our understanding, this vulnerability can not be used for remote code execution. But there may still be a slight chance for experts to do that. • https://github.com/rsyslog/rsyslog/commit/f211042ecbb472f9d8beb4678a65d272b6f07705 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2019-17042 – rsyslog: heap-based overflow in contrib/pmcisconames/pmcisconames.c
https://notcve.org/view.php?id=CVE-2019-17042
07 Oct 2019 — An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon), but fails to account for strings that do not satisfy this constraint. If the string does not match, then the variable lenMsg will reach the value zero and will skip the sanity check that detects invalid log messages. The message will then be considered valid, and the parser will eat u... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00031.html • CWE-20: Improper Input Validation CWE-122: Heap-based Buffer Overflow •
CVSS: 9.8EPSS: 1%CPEs: 6EXPL: 1CVE-2019-17041 – rsyslog: heap-based overflow in contrib/pmaixforwardedfrom/pmaixforwardedfrom.c
https://notcve.org/view.php?id=CVE-2019-17041
07 Oct 2019 — An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon) but fails to account for strings that do not satisfy this constraint. If the string does not match, then the variable lenMsg will reach the value zero and will skip the sanity check that detects invalid log messages. The message will then be considered valid, and the parser w... • https://github.com/Resery/CVE-2019-17041 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-17040
https://notcve.org/view.php?id=CVE-2019-17040
30 Sep 2019 — contrib/pmdb2diag/pmdb2diag.c in Rsyslog v8.1908.0 allows out-of-bounds access because the level length is mishandled. El archivo contrib/pmdb2diag/pmdb2diag.c en Rsyslog versión v8.1908.0, permite el acceso fuera de límites porque la longitud del nivel se maneja inapropiadamente. • https://github.com/rsyslog/rsyslog/blob/v8-stable/ChangeLog • CWE-125: Out-of-bounds Read •