Описание
contrib/pmdb2diag/pmdb2diag.c in Rsyslog v8.1908.0 allows out-of-bounds access because the level length is mishandled.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| rsyslog | fixed | 8.1910.0-1 | package | |
| rsyslog | not-affected | buster | package | |
| rsyslog | not-affected | stretch | package | |
| rsyslog | not-affected | jessie | package |
Примечания
https://github.com/rsyslog/rsyslog/pull/3875
pmdb2diag module not complied in Debian.
Связанные уязвимости
CVSS3: 9.8
ubuntu
больше 6 лет назад
contrib/pmdb2diag/pmdb2diag.c in Rsyslog v8.1908.0 allows out-of-bounds access because the level length is mishandled.
CVSS3: 7.5
redhat
больше 6 лет назад
contrib/pmdb2diag/pmdb2diag.c in Rsyslog v8.1908.0 allows out-of-bounds access because the level length is mishandled.
CVSS3: 9.8
nvd
больше 6 лет назад
contrib/pmdb2diag/pmdb2diag.c in Rsyslog v8.1908.0 allows out-of-bounds access because the level length is mishandled.
CVSS3: 9.8
github
больше 3 лет назад
contrib/pmdb2diag/pmdb2diag.c in Rsyslog v8.1908.0 allows out-of-bounds access because the level length is mishandled.