CVE-2018-16881

moderate-risk

Published 2019-01-25

A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which would cause rsyslog to crash. Versions before 8.27.0 are vulnerable.

Do I need to act?

2.6% chance of exploitation in next 30 days

EPSS score — moderate exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.5/10 High

NETWORK / LOW complexity

Affected Products (12)

Rsyslog

Virtualization Manager

Enterprise Linux Desktop

Enterprise Linux For Ibm Z Systems

Enterprise Linux For Power Big Endian

Enterprise Linux For Power Little Endian

Enterprise Linux For Scientific Computing

Enterprise Linux Server

Enterprise Linux Workstation

Virtualization

Virtualization Host

Debian Linux

Affected Vendors

Debian Redhat Rsyslog

References (12)

Third Party Advisory https://access.redhat.com/errata/RHBA-2019:2501

Third Party Advisory https://access.redhat.com/errata/RHSA-2019:2110

Third Party Advisory https://access.redhat.com/errata/RHSA-2019:2437

Third Party Advisory https://access.redhat.com/errata/RHSA-2019:2439

Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16881

Mailing List https://lists.debian.org/debian-lts-announce/2022/05/msg00028.html

Third Party Advisory https://access.redhat.com/errata/RHBA-2019:2501

Third Party Advisory https://access.redhat.com/errata/RHSA-2019:2110

Third Party Advisory https://access.redhat.com/errata/RHSA-2019:2437

Third Party Advisory https://access.redhat.com/errata/RHSA-2019:2439

Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16881

Mailing List https://lists.debian.org/debian-lts-announce/2022/05/msg00028.html

/ 100

moderate-risk

Severity 26/34 · High

Exploitability 6/34 · Minimal

Exposure 17/34 · Moderate