CVE-2011-1490

Published: 14 November 2019

A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message belonging to more than one ruleset

Priority

CVSS 3 base score: 5.5

Status

Package	Release	Status
rsyslog Launchpad, Ubuntu, Debian	hardy	Ignored (reached end-of-life)
	lucid	Ignored (reached end-of-life)
	maverick	Ignored (reached end-of-life)
	natty	Ignored (reached end-of-life)
	oneiric	Not vulnerable (5.8.1-1ubuntu2)
	precise	Not vulnerable
	quantal	Not vulnerable
	raring	Not vulnerable
	saucy	Not vulnerable
	trusty	Not vulnerable
	upstream	Released (5.7.6-1)
	utopic	Not vulnerable
	vivid	Not vulnerable

References

Bugs

http://bugzilla.adiscon.com/show_bug.cgi?id=218

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›