Candidate: CVE-2011-1489
PublicDate: 2019-11-14 02:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1489
Description:
 A memory leak in rsyslog before 5.7.6 was found in the way deamon processed
 log messages were logged when multiple rulesets were used and some output
 batches contained messages belonging to more than one ruleset. A local
 attacker could cause denial of the rsyslogd daemon service via a log
 message belonging to more than one ruleset.
Ubuntu-Description:
Notes:
Bugs:
 http://bugzilla.adiscon.com/show_bug.cgi?id=226
Priority: low
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H [5.5 MEDIUM]

Patches_rsyslog:
 upstream: http://git.adiscon.com/?p=rsyslog.git;a=commitdiff;h=1ef709cc97d54f74d3fdeb83788cc4b01f4c6a2a
upstream_rsyslog: released (5.7.6-1)
hardy_rsyslog: ignored (reached end-of-life)
lucid_rsyslog: ignored (reached end-of-life)
maverick_rsyslog: ignored (reached end-of-life)
natty_rsyslog: ignored (reached end-of-life)
oneiric_rsyslog: not-affected (5.8.1-1ubuntu2)
precise_rsyslog: not-affected
quantal_rsyslog: not-affected
raring_rsyslog: not-affected
saucy_rsyslog: not-affected
trusty_rsyslog: not-affected
trusty/esm_rsyslog: not-affected
utopic_rsyslog: not-affected
vivid_rsyslog: not-affected
devel_rsyslog: not-affected