Vulnerability Details : CVE-2022-38725
An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected.
Vulnerability category: OverflowDenial of service
Products affected by CVE-2022-38725
- cpe:2.3:a:oneidentity:syslog-ng:*:*:*:*:premium:*:*:*
- cpe:2.3:a:oneidentity:syslog-ng:*:*:*:*:-:*:*:*
- cpe:2.3:a:oneidentity:syslog-ng_store_box:*:*:*:*:lts:*:*:*
- cpe:2.3:a:oneidentity:syslog-ng_store_box:*:*:*:*:-:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-38725
4.60%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 88 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2022-38725
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
134c704f-9b21-4f2e-91b3-4a467353bcc0 | 2025-04-03 |
|
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2022-38725
-
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.Assigned by:
- 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)
- nvd@nist.gov (Primary)
References for CVE-2022-38725
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J3TZ7U2GQTAHVHJXSSEHQS5D2Q5T6SZB/
[SECURITY] Fedora 36 Update: syslog-ng-3.35.1-4.fc36 - package-announce - Fedora Mailing-Lists
-
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J3TZ7U2GQTAHVHJXSSEHQS5D2Q5T6SZB/
[SECURITY] Fedora 36 Update: syslog-ng-3.35.1-4.fc36 - package-announce - Fedora mailing-lists
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QU36HCM3VZYANUYFC6XFYEYJEKQPA2Q7/
[SECURITY] Fedora 37 Update: syslog-ng-3.37.1-2.fc37 - package-announce - Fedora Mailing-Lists
-
https://lists.debian.org/debian-lts-announce/2023/02/msg00043.html
[SECURITY] [DLA 3348-1] syslog-ng security update
-
https://www.debian.org/security/2023/dsa-5369
Debian -- Security Information -- DSA-5369-1 syslog-ng
-
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QU36HCM3VZYANUYFC6XFYEYJEKQPA2Q7/
[SECURITY] Fedora 37 Update: syslog-ng-3.37.1-2.fc37 - package-announce - Fedora mailing-lists
-
https://github.com/syslog-ng/syslog-ng/security/advisories/GHSA-7932-4fc6-pvmc
An integer overflow in the RFC3164 parser allows remote attackers Denial of Service · Advisory · syslog-ng/syslog-ng · GitHubThird Party Advisory
-
https://security.gentoo.org/glsa/202305-09
syslog-ng: Denial of Service (GLSA 202305-09) — Gentoo security
-
https://lists.balabit.hu/pipermail/syslog-ng/
The syslog-ng ArchivesThird Party Advisory
Jump to