rsyslog: Heap Buffer Overflow — GLSA 202408-28

A vulnerability has been discovered in rsyslog, which could possibly lead to remote code execution.

Affected packages

Package: app-admin/rsyslog (all architectures)
Affected versions: < 8.2206.0
Unaffected versions: >= 8.2206.0

Background

rsyslog is an enhanced multi-threaded syslogd with database support and more.

Description

Multiple vulnerabilities have been discovered in rsyslog. Please review the CVE identifiers referenced below for details.

Impact

Modules for TCP syslog reception have a heap buffer overflow when octet-counted framing is used. An attacker can corrupt heap values, leading to data integrity issues and an availability impact. Remote code execution is unlikely but not impossible.
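The failure mode above, as an added example written for this advisory and not rsyslog's own code: a receiver-side reader for RFC 6587 octet-counted framing ("<MSG-LEN> <MSG>") that validates the declared length against a fixed limit before anything is copied into the message buffer. MAX_MSG_LEN, the frame struct and the status enum are assumptions for the example.

```c
/* Added example (not rsyslog's own code): bounds-checked reader for
 * octet-counted TCP syslog frames.  The declared MSG-LEN is checked
 * against an assumed receiver limit before any copy takes place. */
#include <stddef.h>
#include <string.h>

#define MAX_MSG_LEN 8192   /* assumed per-message limit for the receiver */

enum frame_status { FRAME_OK, FRAME_INCOMPLETE, FRAME_MALFORMED };

struct frame {
    char   msg[MAX_MSG_LEN];
    size_t len;
};

/* Parse one frame from buf[0..buflen).  On FRAME_OK, *consumed is the number
 * of bytes used and out holds the message.  MSG-LEN is never trusted beyond
 * MAX_MSG_LEN, so the fixed-size buffer cannot be overrun. */
enum frame_status parse_frame(const char *buf, size_t buflen,
                              struct frame *out, size_t *consumed)
{
    size_t i = 0, msg_len = 0;

    /* Accumulate decimal digits; bail out before the value can grow past
     * the limit, which also keeps the multiplication from overflowing. */
    while (i < buflen && buf[i] >= '0' && buf[i] <= '9') {
        if (msg_len > MAX_MSG_LEN)
            return FRAME_MALFORMED;
        msg_len = msg_len * 10 + (size_t)(buf[i] - '0');
        i++;
    }
    if (i == buflen)
        return FRAME_INCOMPLETE;          /* header not complete yet */
    if (i == 0 || buf[i] != ' ')
        return FRAME_MALFORMED;           /* no digits, or no separator */
    if (msg_len == 0 || msg_len > MAX_MSG_LEN)
        return FRAME_MALFORMED;           /* outside the receiver limit */
    i++;                                  /* skip the separating space */
    if (buflen - i < msg_len)
        return FRAME_INCOMPLETE;          /* body not complete yet */

    memcpy(out->msg, buf + i, msg_len);   /* safe: msg_len <= sizeof out->msg */
    out->len = msg_len;
    *consumed = i + msg_len;
    return FRAME_OK;
}
```

A receiver that gets FRAME_MALFORMED should close the connection rather than try to resynchronise on the stream.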

Workaround

There is no known workaround at this time.

Resolution

All rsyslog users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=app-admin/rsyslog-8.2206.0"

References

Release date
August 11, 2024

Latest revision
August 11, 2024: 1

Severity
normal

Exploitable
local and remote

Bugzilla entries