SB2022051214 - Ubuntu update for rsyslog

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2022051214

SB2022051214 - Ubuntu update for rsyslog

Published: May 12, 2022

Security Bulletin ID SB2022051214
Severity
High
Patch available
YES
Number of vulnerabilities 3
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 67% Low 33%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 3 secuirty vulnerabilities.


1) Input validation error (CVE-ID: CVE-2018-16881)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists in the imptcp module due to insufficient validation of user-supplied input. A remote attacker can send a specially crafted message to the imptcp socket that submits malicious input and cause the affected software to crash, resulting in a DoS condition.


2) Buffer overflow (CVE-ID: CVE-2019-17041)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists in "contrib/pmaixforwardedfrom/pmaixforwardedfrom.c" due to a boundary error in the parser for AIX log messages. A remote attacker can trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


3) Buffer overflow (CVE-ID: CVE-2019-17042)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists in "contrib/pmcisconames/pmcisconames.c" due to a boundary error in the parser for Cisco log messages. A remote attacker can trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


Remediation

Install update from vendor's website.

References