Vulnerability Name:

CVE-2022-24903 (CCN-225843)

Assigned:2022-05-05
Published:2022-05-05
Updated:2023-06-23
Summary:rsyslog is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the TCP syslog server (receiver) components. By sending a specially-crafted request, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVSS v3 Severity:8.1 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
7.1 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
8.1 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
7.1 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
8.1 High (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
7.1 High (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.6 High (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2022-24903

Source: XF
Type: UNKNOWN
rsyslog-cve202224903-bo(225843)

Source: security-advisories@github.com
Type: Patch, Third Party Advisory
security-advisories@github.com

Source: CCN
Type: rsyslog GIT Repository
Potential heap buffer overflow in TCP syslog server (receiver) components

Source: security-advisories@github.com
Type: Third Party Advisory
security-advisories@github.com

Source: security-advisories@github.com
Type: Mailing List, Third Party Advisory
security-advisories@github.com

Source: security-advisories@github.com
Type: Mailing List, Third Party Advisory
security-advisories@github.com

Source: CCN
Type: oss-sec Mailing List, Thu, 5 May 2022 14:10:43 +0200
CVE-2022-24903: rsyslog < 8.2204.1 heap buffer overrun

Source: security-advisories@github.com
Type: Third Party Advisory
security-advisories@github.com

Source: security-advisories@github.com
Type: Third Party Advisory
security-advisories@github.com

Source: CCN
Type: IBM Security Bulletin 6610096 (Watson Speech Services Cartridge for Cloud Pak for Data)
IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a heap-based buffer overflow in rsyslog (CVE-2022-24903).

Source: CCN
Type: IBM Security Bulletin 6855297 (Security Verify Access)
IBM Security Verify Access Appliance includes components with known vulnerabilities

Vulnerable Configuration:Configuration RedHat 1:
  • cpe:/a:redhat:enterprise_linux:9:*:*:*:*:*:*:*
    • Configuration RedHat 2:
  • cpe:/a:redhat:enterprise_linux:9::appstream:*:*:*:*:*
    • Configuration RedHat 3:
  • cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*
    • Configuration RedHat 4:
  • cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*
    • Configuration RedHat 5:
  • cpe:/a:redhat:rhev_manager:4.3:*:*:*:*:*:*:*
    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*
    • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*
    • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*
    • Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:7::hypervisor:*:*:*:*:*
    • Configuration RedHat 10:
  • cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*
    • Configuration RedHat 11:
  • cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*
    • Configuration RedHat 12:
  • cpe:/o:redhat:rhel_els:6:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:rsyslog:rsyslog:8.2204.0:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:security_verify_access:10.0.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_verify_access:10.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_verify_access:10.0.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_verify_access:10.0.3.0:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:7797
    P
    		rsyslog-8.2106.0-150400.5.11.1 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:126915
    P
    		Security update for rsyslog (Important)
    2022-07-07
    oval:org.opensuse.security:def:127312
    P
    		Security update for rsyslog (Important)
    2022-07-07
    oval:org.opensuse.security:def:125751
    P
    		Security update for rsyslog (Important)
    2022-07-07
    oval:org.opensuse.security:def:6091
    P
    		Security update for rsyslog (Important)
    2022-07-06
    oval:org.opensuse.security:def:3521
    P
    		gzip-1.10-2.12 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:3191
    P
    		libjasper1-1.900.14-195.15.1 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:94821
    P
    		rsyslog-8.2106.0-150400.3.1 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:95151
    P
    		rsyslog-module-gssapi-8.2106.0-150400.3.1 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:355
    P
    		rsyslog-8.2106.0-150400.3.1 on GA media (Moderate)
    2022-06-10
    oval:com.redhat.rhsa:def:20224808
    P
    		RHSA-2022:4808: rsyslog and rsyslog7 security update (Important)
    2022-05-31
    oval:com.redhat.rhsa:def:20224795
    P
    		RHSA-2022:4795: rsyslog security update (Important)
    2022-05-30
    oval:com.redhat.rhsa:def:20224799
    P
    		RHSA-2022:4799: rsyslog security update (Important)
    2022-05-30
    oval:com.redhat.rhsa:def:20224803
    P
    		RHSA-2022:4803: rsyslog security update (Important)
    2022-05-30
    oval:org.opensuse.security:def:119199
    P
    		Security update for rsyslog (Important)
    2022-05-09
    oval:org.opensuse.security:def:118702
    P
    		Security update for rsyslog (Important)
    2022-05-09
    oval:org.opensuse.security:def:884
    P
    		Security update for rsyslog (Important)
    2022-05-09
    oval:org.opensuse.security:def:119389
    P
    		Security update for rsyslog (Important)
    2022-05-09
    oval:org.opensuse.security:def:118892
    P
    		Security update for rsyslog (Important)
    2022-05-09
    oval:org.opensuse.security:def:1667
    P
    		Security update for rsyslog (Important)
    2022-05-09
    oval:org.opensuse.security:def:119574
    P
    		Security update for rsyslog (Important)
    2022-05-09
    oval:org.opensuse.security:def:119092
    P
    		Security update for rsyslog (Important)
    2022-05-09
    BACK
    rsyslog rsyslog 8.2204.0
    ibm security verify access 10.0.2.0
    ibm security verify access 10.0.0.0
    ibm security verify access 10.0.1.0
    ibm security verify access 10.0.3.0