CVE-2022-38725

Name
CVE-2022-38725
Description
An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected.
NVD Severity
unknown
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://lists.balabit.hu/pipermail/syslog-ng/
MISC https://github.com/syslog-ng/syslog-ng/security/advisories/GHSA-7932-4fc6-pvmc
MLIST https://lists.debian.org/debian-lts-announce/2023/02/msg00043.html
DEBIAN https://www.debian.org/security/2023/dsa-5369
GENTOO https://security.gentoo.org/glsa/202305-09
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J3TZ7U2GQTAHVHJXSSEHQS5D2Q5T6SZB/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QU36HCM3VZYANUYFC6XFYEYJEKQPA2Q7/

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:oneidentity:syslog-ng_store_box:*:*:*:*:lts:*:*:* syslog-ng_store_box >= None < 7.0
cpe:2.3:a:oneidentity:syslog-ng_store_box:*:*:*:*:-:*:*:* syslog-ng_store_box >= None < 6.0.5
cpe:2.3:a:oneidentity:syslog-ng:*:*:*:*:premium:*:*:* syslog-ng >= None < 7.0.32
cpe:2.3:a:oneidentity:syslog-ng:*:*:*:*:-:*:*:* syslog-ng >= None < 3.38.1

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
syslog-ng edge-main 4.10.2-r4 Jakub Jirutka <jakub@jirutka.cz> fixed
syslog-ng edge-main 4.10.2-r3 Jakub Jirutka <jakub@jirutka.cz> fixed
syslog-ng edge-main 4.10.2-r1 Celeste <cielesti@protonmail.com> fixed
syslog-ng edge-main 4.10.2-r0 Celeste <cielesti@protonmail.com> fixed
syslog-ng edge-main 4.10.1-r0 Celeste <cielesti@protonmail.com> fixed
syslog-ng edge-main 4.10.0-r0 Celeste <cielesti@protonmail.com> fixed
syslog-ng edge-main 4.9.0-r0 Celeste <cielesti@protonmail.com> fixed
syslog-ng edge-main 4.8.3-r1 Celeste <cielesti@protonmail.com> fixed
syslog-ng edge-main 4.8.3-r0 Celeste <cielesti@protonmail.com> fixed
syslog-ng edge-main 4.8.2-r0 Celeste <cielesti@protonmail.com> fixed
syslog-ng edge-main 4.8.1-r1 Celeste <cielesti@protonmail.com> fixed
syslog-ng edge-main 3.38.1-r0 jv <jens@eisfair.org> fixed
syslog-ng 3.23-main 4.10.2-r1 Celeste <cielesti@protonmail.com> fixed
syslog-ng 3.22-main 4.8.3-r1 Celeste <cielesti@protonmail.com> fixed
syslog-ng 3.22-main 3.38.1-r0 None fixed
syslog-ng 3.21-main 4.8.3-r1 Celeste <cielesti@protonmail.com> fixed
syslog-ng 3.21-main 4.8.1-r1 Celeste <cielesti@protonmail.com> fixed
syslog-ng 3.21-main 3.38.1-r0 None fixed
syslog-ng 3.20-main 4.7.1-r1 jv <jens@eisfair.org> fixed
syslog-ng 3.20-main 3.38.1-r0 None fixed
syslog-ng 3.19-main 4.5.0-r0 jv <jens@eisfair.org> fixed
syslog-ng 3.19-main 3.38.1-r0 None fixed
syslog-ng 3.18-main 4.1.1-r2 jv <jens@eisfair.org> fixed
syslog-ng 3.18-main 3.38.1-r0 None fixed
syslog-ng 3.17-main 3.38.1-r0 jv <jens@eisfair.org> fixed