Vulnerability Details : CVE-2011-1489
A memory leak in rsyslog before 5.7.6 was found in the way the daemon processed log messages when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause a denial of service of the rsyslogd daemon via a log message belonging to more than one ruleset.
Products affected by CVE-2011-1489
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
- cpe:2.3:a:rsyslog:rsyslog:*:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-1489
- Probability of exploitation activity in the next 30 days: 0.04%
- Percentile, the proportion of vulnerabilities that are scored at or less: ~6%
CVSS scores for CVE-2011-1489
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
2.1 | LOW | AV:L/AC:L/Au:N/C:N/I:N/A:P | 3.9 | 2.9 | NIST | |
5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 1.8 | 3.6 | NIST | |
CWE ids for CVE-2011-1489
- The product does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed. Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-1489
- https://github.com/rsyslog/rsyslog/commit/1ef709cc97d54f74d3fdeb83788cc4b01f4c6a2a
  bugfix: fixed a memory leak and potential abort condition · rsyslog/rsyslog@1ef709c · GitHub (Patch; Third Party Advisory)
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-1489
  694126 – (CVE-2011-1489, CVE-2011-1490) CVE-2011-1489 CVE-2011-1490 rsyslog: Memory leak when multiple rulesets used (Issue Tracking; Third Party Advisory)
- https://security-tracker.debian.org/tracker/CVE-2011-1489
  CVE-2011-1489 (Third Party Advisory)
- http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00005.html
  [security-announce] SUSE Security Summary Report: SUSE-SR:2011:007 (Mailing List; Third Party Advisory)
- https://access.redhat.com/security/cve/cve-2011-1489
  Red Hat Customer Portal (Exploit; Patch; Third Party Advisory)