Bug 395709 (CVE-2011-4623) - <app-admin/rsyslog-5.8.5: integer signedness error while extending rsyslog possible DOS (CVE-2011-4623)
Summary: <app-admin/rsyslog-5.8.5: integer signedness error while extending rsyslog po...
Status: RESOLVED FIXED
Alias: CVE-2011-4623
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal minor
Assignee: Gentoo Security
URL: https://bugzilla.redhat.com/show_bug....
Whiteboard: B3 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2011-12-22 19:07 UTC by Michael Harrison
Modified: 2014-12-24 20:40 UTC (History)

Description Michael Harrison 2011-12-22 19:07:01 UTC
An integer signedness error, leading to a heap-based buffer overflow, was found in
the way the imfile module of rsyslog, an enhanced system logging and kernel
message trapping daemon, processed text files larger than 64 KB. When the
imfile rsyslog module was enabled, a local attacker could use this flaw to
cause a denial of service (rsyslogd daemon hang) via a specially crafted message
to be logged.

Upstream bug report:
[1] http://bugzilla.adiscon.com/show_bug.cgi?id=221

Upstream patch:
[2] http://git.adiscon.com/?p=rsyslog.git;a=commit;h=6bad782f154b7f838c7371bf99c13f6dc4ec4101
Comment 1 Ultrabug gentoo-dev 2011-12-28 12:08:08 UTC
Hi, thanks for reporting this.

If I'm not mistaken this bug affects <app-admin/rsyslog-5.7.4

Note: none of the ebuilds currently in the tree are affected by this vulnerability.
Comment 2 Tim Sammut (RETIRED) gentoo-dev 2012-01-01 18:02:49 UTC
Thanks, Ultrabug. Am I correct to think this was first fixed for stable users in =app-admin/rsyslog-5.8.5?

GLSA Vote: yes.
Comment 3 Ultrabug gentoo-dev 2012-01-02 10:10:27 UTC
Yes Tim, I indeed remember it that way, thanks.
Comment 4 Stefan Behte (RETIRED) gentoo-dev Security 2012-03-06 00:56:55 UTC
Votes: YES. GLSA request filed.
Comment 5 GLSAMaker/CVETool Bot gentoo-dev 2012-09-30 20:14:43 UTC
CVE-2011-4623 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4623):
  Integer overflow in the rsCStrExtendBuf function in runtime/stringbuf.c in
  the imfile module in rsyslog 4.x before 4.6.6, 5.x before 5.7.4, and 6.x
  before 6.1.4 allows local users to cause a denial of service (daemon hang)
  via a large file, which triggers a heap-based buffer overflow.
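The bug class named in the description and in the CVE text above (buffer-growth arithmetic done in a too-narrow signed integer) is illustrated below as an added example; it is not rsyslog's code and not part of this bug report. The `strbuf` type, the function names, the 128-byte step and the 16-bit type are assumptions chosen so the failure shows up at the sizes the report mentions.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define STEP 128u /* assumed allocation increment */
typedef struct { char *buf; size_t cap, len; } strbuf; /* hypothetical type */

/* Flawed: growth is squeezed into a signed 16-bit value. The conversion is
 * implementation-defined; GCC and Clang wrap modulo 2^16. */
static int grow_narrow(size_t min_needed)
{
    return (int16_t)((min_needed / STEP + 1) * STEP);
}

/* Hardened: all arithmetic stays in size_t, with explicit wrap checks. */
static int grow_checked(size_t cap, size_t min_needed, size_t *new_cap)
{
    if (min_needed > SIZE_MAX - STEP) return -1;
    size_t grow = (min_needed / STEP + 1) * STEP;
    if (grow > SIZE_MAX - cap) return -1;
    *new_cap = cap + grow;
    return 0;
}

/* Append n bytes, growing with the checked computation (cap >= len holds). */
static int strbuf_append(strbuf *s, const char *data, size_t n)
{
    if (n == 0) return 0;
    if (n > s->cap - s->len) {
        size_t new_cap;
        if (grow_checked(s->cap, n, &new_cap) != 0) return -1;
        char *p = realloc(s->buf, new_cap);
        if (p == NULL) return -1;      /* old buffer stays valid */
        s->buf = p; s->cap = new_cap;
    }
    memcpy(s->buf + s->len, data, n);
    s->len += n;
    return 0;
}

int main(void)
{
    static char line[70000];           /* constructed 70 KB "log line" */
    strbuf s = {0};
    int rc = strbuf_append(&s, line, sizeof line);
    printf("narrow=%d checked rc=%d cap=%zu\n", grow_narrow(sizeof line), rc, s.cap);
    free(s.buf);
    return 0;
}
```

With the narrow computation, a 70000-byte request yields a growth far smaller than the data to be copied, and a 40000-byte request yields a negative one; the checked version either allocates enough or fails cleanly.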
Comment 6 GLSAMaker/CVETool Bot gentoo-dev 2014-12-24 20:40:14 UTC
This issue was resolved and addressed in
 GLSA 201412-35 at http://security.gentoo.org/glsa/glsa-201412-35.xml
by GLSA coordinator Yury German (BlueKnight).