Podatność CVE-2018-1000140

Podatność CVE-2018-1000140

Publikacja: 2018-03-23

Opis:

Typ:

(Improper Restriction of Operations within the Bounds of a Memory Buffer)

Ogólna skala CVSS	Znaczenie	Łatwość wykorzystania
7.5/10	6.4/10	10/10

Affected software
Rsyslog -> Librelp
Redhat -> Enterprise linux desktop
Redhat -> Enterprise linux server
Redhat -> Enterprise linux server aus
Redhat -> Enterprise linux server eus
Redhat -> Enterprise linux server tus
Redhat -> Enterprise linux workstation
Debian -> Debian linux
Canonical -> Ubuntu linux

https://access.redhat.com/errata/RHSA-2018:1223

https://access.redhat.com/errata/RHSA-2018:1225

https://access.redhat.com/errata/RHSA-2018:1701

https://access.redhat.com/errata/RHSA-2018:1702

https://access.redhat.com/errata/RHSA-2018:1703

https://access.redhat.com/errata/RHSA-2018:1704

https://access.redhat.com/errata/RHSA-2018:1707

https://github.com/rsyslog/librelp/blob/532aa362f0f7a8d037505b0a27a1df452f9bac9e/src/tcp.c#L1205

https://lgtm.com/rules/1505913226124/

https://security.gentoo.org/glsa/201804-21

https://usn.ubuntu.com/3612-1/

https://www.debian.org/security/2018/dsa-4151