Your submission was sent successfully! Close

CVE-2011-1489

Published: 14 November 2019

A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages were logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message belonging to more than one ruleset.

Priority

Low

CVSS 3 base score: 5.5

Status

Package Release Status
rsyslog
Launchpad, Ubuntu, Debian
hardy Ignored
(reached end-of-life)
lucid Ignored
(reached end-of-life)
maverick Ignored
(reached end-of-life)
natty Ignored
(reached end-of-life)
oneiric Not vulnerable
(5.8.1-1ubuntu2)
precise Not vulnerable

quantal Not vulnerable

raring Not vulnerable

saucy Not vulnerable

trusty Not vulnerable

upstream
Released (5.7.6-1)
utopic Not vulnerable

vivid Not vulnerable

Patches:
upstream: http://git.adiscon.com/?p=rsyslog.git;a=commitdiff;h=1ef709cc97d54f74d3fdeb83788cc4b01f4c6a2a