rsyslog8 -- heap buffer overflow on receiving TCP syslog

Affected packages
rsyslog < 8.2204.1


VuXML ID b9837fa1-cd72-11ec-98f1-6805ca0b3d42
Discovery 2022-05-05
Entry 2022-05-06

Rainer Gerhards reports:

Modules for TCP syslog reception have a heap buffer overflow when octet-counted framing is used. The attacker can corrupt heap values, leading to data integrity issues and availability impact. Remote code execution is unlikely to happen but not impossible.


CVE Name CVE-2022-24903
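
The report names octet-counted framing (RFC 6587, "MSG-LEN SP SYSLOG-MSG") as the affected path. The following is an added illustration, not rsyslog's code and not a reproduction of the flaw: a receiver-side parser for that framing that bounds the length digits and the declared length before the payload is touched. The names parse_octet_frame, MAX_COUNT_DIGITS and MAX_MSG_LEN and their limits are assumptions.

```c
#include <stddef.h>
#include <stdio.h>
#define MAX_COUNT_DIGITS 9    /* assumed cap on MSG-LEN digits (hypothetical) */
#define MAX_MSG_LEN      8192 /* assumed receiver message size limit */

enum frame_status { FRAME_OK, FRAME_INCOMPLETE, FRAME_BAD_COUNT, FRAME_TOO_LONG };

/* Parse one octet-counted frame, "MSG-LEN SP SYSLOG-MSG" (RFC 6587), from
 * buf[0..len). On FRAME_OK, *msg and *msg_len describe the payload in place
 * and *consumed is the whole frame size. Nothing is copied, and every index
 * is checked against len before it is used. */
enum frame_status parse_octet_frame(const unsigned char *buf, size_t len,
                                    const unsigned char **msg, size_t *msg_len,
                                    size_t *consumed)
{
    size_t i = 0, count = 0;
    /* MSG-LEN must start with a nonzero digit. */
    if (len > 0 && (buf[0] < '1' || buf[0] > '9'))
        return FRAME_BAD_COUNT;
    while (i < len && buf[i] >= '0' && buf[i] <= '9') {
        if (i >= MAX_COUNT_DIGITS)      /* bound the digit run itself */
            return FRAME_BAD_COUNT;
        count = count * 10 + (size_t)(buf[i] - '0');
        i++;
    }
    if (i == len)
        return FRAME_INCOMPLETE;        /* delimiter not received yet */
    if (buf[i] != ' ')
        return FRAME_BAD_COUNT;
    if (count > MAX_MSG_LEN)            /* reject before waiting for payload */
        return FRAME_TOO_LONG;
    i++;                                /* skip the SP delimiter */
    if (len - i < count)
        return FRAME_INCOMPLETE;        /* payload still arriving */
    *msg = buf + i;
    *msg_len = count;
    *consumed = i + count;
    return FRAME_OK;
}

int main(void)
{
    /* Constructed sample: one complete frame followed by the next one. */
    const unsigned char in[] = "12 <13>test msg3 abc";
    const unsigned char *m; size_t n, used;
    if (parse_octet_frame(in, sizeof in - 1, &m, &n, &used) == FRAME_OK)
        printf("payload=%.*s consumed=%zu\n", (int)n, (const char *)m, used);
    return 0;
}
```

A caller would close the connection on FRAME_BAD_COUNT or FRAME_TOO_LONG and keep reading on FRAME_INCOMPLETE.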