Debian: DSA-5369-1 Critical: syslog-ng Denial Of Service

debian

March 5, 2023

It was discovered that an integer overflow in the RFC3164 parser of syslog-ng, a system logging daemon, may result in denial of service via malformed syslog messages

Topics Covered

security advisory denial of service critical debian syslog-ng

Summary

It was discovered that an integer overflow in the RFC3164 parser of
syslog-ng, a system logging daemon, may result in denial of service
via malformed syslog messages.

For the stable distribution (bullseye), this problem has been fixed in
version 3.28.1-2+deb11u1.

We recommend that you upgrade your syslog-ng packages.

For the detailed security status of syslog-ng please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/syslog-ng

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Severity

critical

Lowest

Low

Medium

High

Critical

Package: syslog-ng

CVE ID: CVE-2022-38725

Topics Covered

security advisory denial of service critical debian syslog-ng

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Debian: DSA-5369-1 Critical: syslog-ng Denial Of Service

Topics Covered

Summary

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Debian: DSA-5369-1 Critical: syslog-ng Denial Of Service

Topics Covered

Summary

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!