A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which would cause rsyslog to crash. Versions before 8.27.0 are vulnerable.
References
Link | Resource |
---|---|
https://access.redhat.com/errata/RHBA-2019:2501 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2019:2110 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2019:2437 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2019:2439 | Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16881 | Issue Tracking Mitigation Patch Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2022/05/msg00028.html | Mailing List Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
|
History
06 Oct 2022, 16:13
Type | Values Removed | Values Added |
---|---|---|
First Time |
Redhat enterprise Linux For Ibm Z Systems
Redhat enterprise Linux For Scientific Computing Redhat virtualization Redhat virtualization Host Debian debian Linux Redhat enterprise Linux For Power Big Endian Debian Redhat enterprise Linux Redhat enterprise Linux For Power Little Endian |
|
CPE | cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:* |
|
References | (MLIST) https://lists.debian.org/debian-lts-announce/2022/05/msg00028.html - Mailing List, Third Party Advisory |
21 May 2022, 01:16
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2019-01-25 18:29
Updated : 2023-12-10 12:44
NVD link : CVE-2018-16881
Mitre link : CVE-2018-16881
CVE.ORG link : CVE-2018-16881
JSON object : View
Products Affected
redhat
- enterprise_linux_for_power_little_endian
- virtualization
- enterprise_linux_desktop
- enterprise_linux_for_ibm_z_systems
- enterprise_linux
- enterprise_linux_workstation
- enterprise_linux_server
- virtualization_manager
- enterprise_linux_for_scientific_computing
- virtualization_host
- enterprise_linux_for_power_big_endian
rsyslog
- rsyslog
debian
- debian_linux
CWE
CWE-190
Integer Overflow or Wraparound