CVE-2018-16881
25.01.2019, 18:29
A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which would cause rsyslog to crash. Versions before 8.27.0 are vulnerable.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| rsyslog | rsyslog | 𝑥 < 8.27.0 |
| redhat | virtualization_manager | 4.3 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_for_ibm_z_systems | 7.0 |
| redhat | enterprise_linux_for_power_big_endian | 7.0 |
| redhat | enterprise_linux_for_power_little_endian | 7.0 |
| redhat | enterprise_linux_for_scientific_computing | 7.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | virtualization | 4.0 |
| redhat | virtualization_host | 4.0 |
| debian | debian_linux | 9.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| rsyslog |
|
openSUSE / SLES Releases
openSUSE Product | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| rsyslog |
| ||||||||||||
| rsyslog-diag-tools |
| ||||||||||||
| rsyslog-doc |
| ||||||||||||
| rsyslog-module-gssapi |
| ||||||||||||
| rsyslog-module-gtls |
| ||||||||||||
| rsyslog-module-mmnormalize |
| ||||||||||||
| rsyslog-module-mysql |
| ||||||||||||
| rsyslog-module-pgsql |
| ||||||||||||
| rsyslog-module-relp |
| ||||||||||||
| rsyslog-module-snmp |
| ||||||||||||
| rsyslog-module-udpspoof |
|
Red Hat Enterprise Linux Releases
Red Hat Product | |||
|---|---|---|---|
| rsyslog |
| ||
| rsyslog-crypto |
| ||
| rsyslog-doc |
| ||
| rsyslog-elasticsearch |
| ||
| rsyslog-gnutls |
| ||
| rsyslog-gssapi |
| ||
| rsyslog-kafka |
| ||
| rsyslog-libdbi |
| ||
| rsyslog-mmaudit |
| ||
| rsyslog-mmjsonparse |
| ||
| rsyslog-mmkubernetes |
| ||
| rsyslog-mmnormalize |
| ||
| rsyslog-mmsnmptrapd |
| ||
| rsyslog-mysql |
| ||
| rsyslog-pgsql |
| ||
| rsyslog-relp |
| ||
| rsyslog-snmp |
| ||
| rsyslog-udpspoof |
|
References