Integer overflow in rsyslog before 7.6.7 and 8.x before 8.4.2 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash) via a large priority (PRI) value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3634.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Rsyslog | Rsyslog | * | 7.6.6 (including) |
Rsyslog | Rsyslog | 8.1.0 (including) | 8.1.0 (including) |
Rsyslog | Rsyslog | 8.1.1 (including) | 8.1.1 (including) |
Rsyslog | Rsyslog | 8.1.2 (including) | 8.1.2 (including) |
Rsyslog | Rsyslog | 8.1.3 (including) | 8.1.3 (including) |
Rsyslog | Rsyslog | 8.1.4 (including) | 8.1.4 (including) |
Rsyslog | Rsyslog | 8.1.5 (including) | 8.1.5 (including) |
Rsyslog | Rsyslog | 8.1.6 (including) | 8.1.6 (including) |
Rsyslog | Rsyslog | 8.2.0 (including) | 8.2.0 (including) |
Rsyslog | Rsyslog | 8.2.1 (including) | 8.2.1 (including) |
Rsyslog | Rsyslog | 8.2.2 (including) | 8.2.2 (including) |
Rsyslog | Rsyslog | 8.2.3 (including) | 8.2.3 (including) |
Rsyslog | Rsyslog | 8.3.0 (including) | 8.3.0 (including) |
Rsyslog | Rsyslog | 8.3.1 (including) | 8.3.1 (including) |
Rsyslog | Rsyslog | 8.3.2 (including) | 8.3.2 (including) |
Rsyslog | Rsyslog | 8.3.3 (including) | 8.3.3 (including) |
Rsyslog | Rsyslog | 8.3.4 (including) | 8.3.4 (including) |
Rsyslog | Rsyslog | 8.3.5 (including) | 8.3.5 (including) |
Rsyslog | Rsyslog | 8.4.0 (including) | 8.4.0 (including) |
Rsyslog | Rsyslog | 8.4.1 (including) | 8.4.1 (including) |