Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2014-3634

rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash), possibly execute arbitrary code, or have other unspecified impact via a crafted priority (PRI) value that triggers an out-of-bounds array access.

Related bugs and status

CVE-2014-3634 (Candidate) is related to these bugs:

Bug #1389700: rsyslogd restarts every few minutes

Summary				In	Importance	Status
	1389700	rsyslogd restarts every few minutes		Fuel for OpenStack	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

MLIST: [oss-security] 2014093...
MLIST: [oss-security] 2014100...
CONFIRM: http://www.rsyslog.com...
DEBIAN: DSA-3040
SECUNIA: 61494
SECUNIA: 61720
CONFIRM: http://linux.oracle.co...
REDHAT: RHSA-2014:1397
REDHAT: RHSA-2014:1654
REDHAT: RHSA-2014:1671
SUSE: SUSE-SU-2014:1294
SUSE: openSUSE-SU-2014:1297
SUSE: openSUSE-SU-2014:1298
UBUNTU: USN-2381-1
SECUNIA: 61930
CONFIRM: http://advisories.mage...
MANDRIVA: MDVSA-2015:130
CONFIRM: http://www.oracle.com/...