Описание
Incorrect interaction of the parse_packet() and parse_part_sign_sha256() functions in network.c in collectd 5.7.1 and earlier allows remote attackers to cause a denial of service (infinite loop) of a collectd instance (configured with "SecurityLevel None" and with empty "AuthFile" options) via a crafted UDP packet.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 5.7.2-2ubuntu1 |
| cosmic | not-affected | 5.7.2-2ubuntu1 |
| devel | not-affected | 5.7.2-2ubuntu1 |
| disco | not-affected | 5.7.2-2ubuntu1 |
| eoan | not-affected | 5.7.2-2ubuntu1 |
| esm-apps/bionic | not-affected | 5.7.2-2ubuntu1 |
| esm-apps/focal | not-affected | 5.7.2-2ubuntu1 |
| esm-apps/xenial | released | 5.5.1-1ubuntu0.1~esm1 |
| esm-infra-legacy/trusty | released | 5.4.0-3ubuntu2.2+esm1 |
Показывать по
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
Incorrect interaction of the parse_packet() and parse_part_sign_sha256() functions in network.c in collectd 5.7.1 and earlier allows remote attackers to cause a denial of service (infinite loop) of a collectd instance (configured with "SecurityLevel None" and with empty "AuthFile" options) via a crafted UDP packet.
Incorrect interaction of the parse_packet() and parse_part_sign_sha256() functions in network.c in collectd 5.7.1 and earlier allows remote attackers to cause a denial of service (infinite loop) of a collectd instance (configured with "SecurityLevel None" and with empty "AuthFile" options) via a crafted UDP packet.
Incorrect interaction of the parse_packet() and parse_part_sign_sha256 ...
Incorrect interaction of the parse_packet() and parse_part_sign_sha256() functions in network.c in collectd 5.7.1 and earlier allows remote attackers to cause a denial of service (infinite loop) of a collectd instance (configured with "SecurityLevel None" and with empty "AuthFile" options) via a crafted UDP packet.
EPSS
5 Medium
CVSS2
7.5 High
CVSS3