Advisories » MGASA-2019-0110

Updated rsyslog packages fix security vulnerability

Publication date: 14 Mar 2019
Modification date: 14 Mar 2019
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-16881

Description

A denial of service vulnerability was found in rsyslog in the imptcp
module. An attacker could send a specially crafted message to the imptcp
socket, which would cause rsyslog to crash (CVE-2018-16881).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=24342
• https://lists.opensuse.org/opensuse-updates/2019-02/msg00043.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16881

SRPMS

6/core

• rsyslog-8.16.0-1.2.mga6