Lucene search
RedHatRHSA-2022:4808HistoryMay 31, 2022 - 7:57 a.m.
(RHSA-2022:4808) Important: rsyslog and rsyslog7 security update
2022-05-3107:57:01
access.redhat.com
76
0.107 Low
EPSS
Percentile
95.1%
The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine-grained control over output format.
The rsyslog7 packages provide an enhanced, multi-threaded syslog daemon. It supports on-demand disk buffering, reliable syslog over TCP, SSL, TLS and RELP, writing to databases (MySQL, PostgreSQL, Oracle, and others), email alerting, fully configurable output formats (including high-precision time stamps), the ability to filter on any part of the syslog message, on-the-wire message compression, and the ability to convert text files to syslog.
Security Fix(es):
- rsyslog: Heap-based overflow in TCP syslog server (CVE-2022-24903)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 6 | s390x | rsyslog7-pgsql | <Β 7.4.10-7.el6_10.1 | rsyslog7-pgsql-7.4.10-7.el6_10.1.s390x.rpm |
| RedHat | 6 | s390x | rsyslog7-debuginfo | <Β 7.4.10-7.el6_10.1 | rsyslog7-debuginfo-7.4.10-7.el6_10.1.s390x.rpm |
| RedHat | 6 | i686 | rsyslog7-debuginfo | <Β 7.4.10-7.el6_10.1 | rsyslog7-debuginfo-7.4.10-7.el6_10.1.i686.rpm |
| RedHat | 6 | i686 | rsyslog-relp | <Β 5.8.10-12.el6_10.1 | rsyslog-relp-5.8.10-12.el6_10.1.i686.rpm |
| RedHat | 6 | i686 | rsyslog7-pgsql | <Β 7.4.10-7.el6_10.1 | rsyslog7-pgsql-7.4.10-7.el6_10.1.i686.rpm |
| RedHat | 6 | i686 | rsyslog7 | <Β 7.4.10-7.el6_10.1 | rsyslog7-7.4.10-7.el6_10.1.i686.rpm |
| RedHat | 6 | s390x | rsyslog-mysql | <Β 5.8.10-12.el6_10.1 | rsyslog-mysql-5.8.10-12.el6_10.1.s390x.rpm |
| RedHat | 6 | i686 | rsyslog7-gnutls | <Β 7.4.10-7.el6_10.1 | rsyslog7-gnutls-7.4.10-7.el6_10.1.i686.rpm |
| RedHat | 6 | x86_64 | rsyslog7-snmp | <Β 7.4.10-7.el6_10.1 | rsyslog7-snmp-7.4.10-7.el6_10.1.x86_64.rpm |
| RedHat | 6 | s390x | rsyslog | <Β 5.8.10-12.el6_10.1 | rsyslog-5.8.10-12.el6_10.1.s390x.rpm |
Related
nessus
nessus
Rocky Linux 9 : rsyslog (RLSA-2022:4795)
2023-11-06 00:00:00
FreeBSD : rsyslog8 -- heap buffer overflow on receiving TCP syslog (b9837fa1-cd72-11ec-98f1-6805ca0b3d42)
2022-05-07 00:00:00
NewStart CGSL MAIN 6.02 : rsyslog Vulnerability (NS-SA-2022-0105)
2022-12-19 00:00:00
osv
osv
rsyslog vulnerability
2022-05-24 16:21:20
CVE-2022-24903
2022-05-06 00:15:07
Important: rsyslog security update
2022-05-30 07:24:07
oraclelinux
oraclelinux
rsyslog security update
2022-06-30 00:00:00
rsyslog rsyslog7 security update
2022-09-14 00:00:00
rsyslog security update
2022-05-31 00:00:00
cvelist
cvelist
cloudlinux
cloudlinux
Fixed CVE-2022-24903 in rsyslog
2022-06-08 19:49:37
cbl_mariner
cbl_mariner
CVE-2022-24903 affecting package rsyslog for versions less than 8.2204.1-1
2022-06-03 17:54:05
CVE-2022-24903 affecting package rsyslog 8.37.0-6
2022-06-15 17:03:08
redhatcve
redhatcve
CVE-2022-24903
2022-05-05 13:36:34
openvas
openvas
Huawei EulerOS: Security Advisory for rsyslog (EulerOS-SA-2022-2535)
2022-10-10 00:00:00
Huawei EulerOS: Security Advisory for rsyslog (EulerOS-SA-2022-1979)
2022-07-08 00:00:00
Huawei EulerOS: Security Advisory for rsyslog (EulerOS-SA-2022-2145)
2022-07-29 00:00:00
broadcom
broadcom
ubuntu
ubuntu
Rsyslog vulnerability
2022-05-24 00:00:00
debian
debian
[SECURITY] [DSA 5150-1] rsyslog security update
2022-05-28 19:26:20
debiancve
debiancve
CVE-2022-24903
2022-05-06 00:15:00
redhat
redhat
(RHSA-2022:4800) Important: rsyslog security update
2022-05-30 07:24:19
(RHSA-2022:4802) Important: rsyslog security update
2022-05-30 07:25:13
(RHSA-2022:4795) Important: rsyslog security update
2022-05-30 07:22:28
veracode
veracode
Buffer Overflow
2022-05-11 10:43:59
ubuntucve
ubuntucve
CVE-2022-24903
2022-05-05 00:00:00
redos
redos
ROS-20240403-16
2024-04-03 00:00:00
rocky
rocky
rsyslog security update
2022-05-30 07:24:07
rsyslog security update
2022-05-30 07:22:28
freebsd
freebsd
rsyslog8 -- heap buffer overflow on receiving TCP syslog
2022-05-05 00:00:00
prion
prion
Heap overflow
2022-05-06 00:15:00
cve
cve
CVE-2022-24903
2022-05-06 00:15:00
fedora
fedora
[SECURITY] Fedora 36 Update: rsyslog-8.2204.0-1.fc36
2022-05-17 01:32:39
[SECURITY] Fedora 35 Update: rsyslog-8.2204.0-1.fc35
2022-05-17 01:56:45
almalinux
almalinux
Important: rsyslog security update
2022-05-30 07:24:07
rosalinux
rosalinux
Advisory ROSA-SA-2024-2381
2024-03-26 11:41:42
alpinelinux
alpinelinux
CVE-2022-24903
2022-05-06 00:15:00
mageia
mageia
Updated rsyslog packages fix security vulnerability
2022-05-08 10:58:48
ibm
ibm
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a heap-based buffer overflow in rsyslog (CVE-2022-24903).
2023-01-12 21:59:00
amazon
amazon
Important: rsyslog
2022-05-31 23:50:00
Important: rsyslog
2022-05-31 23:47:00
ics
ics
βSiemens RUGGEDCOM ROX
2023-07-13 12:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2023
2023-01-17 00:00:00