Описание
Heap-based buffer overflow in the parse_packet function in network.c in collectd before 5.4.3 and 5.x before 5.5.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted network packet.
A heap-based buffer overflow flaw was found in collectd's network plugin. The flaw allowed a remote attacker to crash the collectd daemon (denial of service) or possibly execute remote code using a crafted network packet. For this flaw to be exploited, the network plugin must be enabled.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux OpenStack Platform 7 (Kilo) Operational Tools | collectd | Will not fix | ||
| Red Hat OpenStack Platform 10 (Newton) Operational Tools | collectd | Not affected | ||
| Red Hat OpenStack Platform 8 (Liberty) Operational Tools | collectd | Will not fix | ||
| Red Hat OpenStack Platform 9 (Mitaka) Operational Tools | collectd | Will not fix | ||
| Red Hat Storage Console 2 | collectd | Will not fix |
Показывать по
Дополнительная информация
Статус:
8.6 High
CVSS3
6.8 Medium
CVSS2
Связанные уязвимости
Heap-based buffer overflow in the parse_packet function in network.c in collectd before 5.4.3 and 5.x before 5.5.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted network packet.
Heap-based buffer overflow in the parse_packet function in network.c in collectd before 5.4.3 and 5.x before 5.5.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted network packet.
Heap-based buffer overflow in the parse_packet function in network.c i ...
Heap-based buffer overflow in the parse_packet function in network.c in collectd before 5.4.3 and 5.x before 5.5.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted network packet.
8.6 High
CVSS3
6.8 Medium
CVSS2