CVE-2011-4623
Published: 23 December 2011
Integer overflow in the rsCStrExtendBuf function in runtime/stringbuf.c in the imfile module in rsyslog 4.x before 4.6.6, 5.x before 5.7.4, and 6.x before 6.1.4 allows local users to cause a denial of service (daemon hang) via a large file, which triggers a heap-based buffer overflow.
Notes
Author | Note |
---|---|
tyhicks | The imfile module is built in Lucid and newer, but is not loaded in the default rsyslog config file. |
jdstrand | introduced with d2d54013aebb756169182ed8716b142d27134a70 (part of 4.5.0) |
Priority
Status
Package | Release | Status |
---|---|---|
rsyslog | upstream | Released (4.6.6, 5.7.4) |
rsyslog | hardy | Not vulnerable (code not present) |
rsyslog | lucid | Not vulnerable (has correct type) |
rsyslog | maverick | Not vulnerable (has correct type) |
rsyslog | natty | Released (4.6.4-2ubuntu4.2) |
rsyslog | oneiric | Not vulnerable (5.8.1-1ubuntu2) |

Patches: upstream: http://git.adiscon.com/?p=rsyslog.git;a=commit;h=6bad782f154b7f838c7371bf99c13f6dc4ec4101