rsyslog librelp version 1.2.14 and earlier contains a Buffer Overflow vulnerability in the checking of x509 certificates from a peer that can result in Remote code execution. This attack appear to be exploitable a remote attacker that can connect to rsyslog and trigger a stack buffer overflow by sending a specially crafted x509 certificate.
Find out more about CVE-2018-1000140 from the MITRE-CVE dictionary and NIST NVD
Login may be required to access defects or downloads.
Product Name | Status | Defect | Fixed | Downloads |
---|---|---|---|---|
Linux | ||||
Wind River Linux LTS 17 | Fixed |
LIN10-3642 |
10.17.41.6 |
Wind River Linux LTS 10.17.41.6 Wind River Linux LTS 10.17.41.7 Wind River Linux LTS 10.17.41.8 Wind River Linux LTS 10.17.41.9 Wind River Linux LTS 10.17.41.10 Wind River Linux LTS 10.17.41.11 Wind River Linux LTS 10.17.41.12 Wind River Linux LTS 10.17.41.13 Wind River Linux LTS 10.17.41.14 Wind River Linux LTS 10.17.41.15 Wind River Linux LTS 10.17.41.16 Wind River Linux LTS 10.17.41.17 Wind River Linux LTS 10.17.41.18 Wind River Linux LTS 10.17.41.20 Wind River Linux LTS 10.17.41.21 Wind River Linux LTS 10.17.41.22 Wind River Linux LTS 10.17.41.23 Wind River Linux LTS 10.17.41.24 Wind River Linux LTS 10.17.41.25 Wind River Linux LTS 10.17.41.26 Wind River Linux LTS 10.17.41.27 |
Wind River Linux 8 | Not Vulnerable | -- | -- | -- |
Wind River Linux 9 | Fixed |
LIN9-6641 |
9.0.0.16 | -- |
Wind River Linux 7 | Not Vulnerable | -- | -- | -- |
Wind River Linux LTS 21 | Not Vulnerable | -- | -- | -- |
Wind River Linux LTS 22 | Not Vulnerable | -- | -- | -- |
Wind River Linux LTS 18 | Not Vulnerable | -- | -- | -- |
Wind River Linux LTS 19 | Not Vulnerable | -- | -- | -- |
Wind River Linux CD release | Not Vulnerable | -- | -- | -- |
Wind River Linux 6 | Not Vulnerable | -- | -- | -- |
Wind River Linux LTS 23 | Not Vulnerable | -- | -- | -- |
VxWorks | ||||
VxWorks 7 | Not Vulnerable | -- | -- | -- |
VxWorks 6.9 | Not Vulnerable | -- | -- | -- |
Helix Virtualization Platform Cert Edition | ||||
Helix Virtualization Platform Cert Edition | Not Vulnerable | -- | -- | -- |
Product Name | Status | Defect | Fixed | Downloads |
---|