ubuntu · CVE-2014-3683

Quick triage

Priority: medium Published: 2014-10-02 00:00:00 UTC Updated: 2024-07-24 15:57:39 UTC

View at Official ubuntu advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2014-3683 medium priority: Ubuntu including 2 source packages (rsyslog, sysklogd), 20 status rows across 10 suites (lucid, precise, trusty, upstream, utopic, vivid, wily, xenial, yakkety, zesty): released 10, DNE 7, ignored 2, needs-triage 1.

Description:

Integer overflow in rsyslog before 7.6.7 and 8.x before 8.4.2 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash) via a large priority (PRI) value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3634.

cvelogic Threat Intelligence