Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 17 results


CVE-2022-24903

Medium priority

Some fixes available 10 of 11

Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used. This can result in a segfault or some other malfunction. As of...

1 affected packages

rsyslog

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
rsyslog Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2011-1490

Low priority
Ignored

A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker...

1 affected packages

rsyslog

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
rsyslog
Show less packages

CVE-2011-1489

Low priority
Ignored

A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages were logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker...

1 affected packages

rsyslog

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
rsyslog
Show less packages

CVE-2011-1488

Low priority
Ignored

A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when $RepeatedMsgReduction was enabled. A local attacker could use this flaw to cause a denial of the rsyslogd daemon service by...

1 affected packages

rsyslog

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
rsyslog
Show less packages

CVE-2019-17042

Low priority

Some fixes available 1 of 5

An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon), but...

1 affected packages

rsyslog

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
rsyslog Not affected Not affected Not affected Vulnerable Fixed
Show less packages

CVE-2019-17041

Low priority

Some fixes available 1 of 5

An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log messages. The parser tries to locate a log message delimiter (in this case, a space or a...

1 affected packages

rsyslog

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
rsyslog Not affected Not affected Not affected Vulnerable Fixed
Show less packages

CVE-2019-17040

Medium priority
Not affected

contrib/pmdb2diag/pmdb2diag.c in Rsyslog v8.1908.0 allows out-of-bounds access because the level length is mishandled.

1 affected packages

rsyslog

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
rsyslog Not affected Not affected
Show less packages

CVE-2018-16881

Low priority

Some fixes available 1 of 2

A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which would cause rsyslog to crash. Versions before 8.27.0 are vulnerable.

1 affected packages

rsyslog

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
rsyslog Not affected Not affected Not affected Not affected Fixed
Show less packages

CVE-2017-12588

Medium priority
Not affected

The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as format strings, possibly allowing a format string attack with unspecified impact.

1 affected packages

rsyslog

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
rsyslog Not affected
Show less packages

CVE-2015-3243

Medium priority
Not affected

rsyslog uses weak permissions for generating log files, which allows local users to obtain sensitive information by reading files in /var/log/cron.

1 affected packages

rsyslog

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
rsyslog
Show less packages