DescriptionDouble free vulnerability in the writeDataError function in the ElasticSearch plugin (omelasticsearch) in rsyslog before 7.4.2 and before 7.5.2 devel, when errorfile is set to local logging, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted JSON response.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
rsyslog (PTS)bullseye (security), bullseye8.2102.0-2+deb11u1fixed
sid, trixie8.2406.0-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
rsyslogsourcesqueeze(not affected)
rsyslogsourcewheezy(not affected)
rsyslogsource(unstable)(not affected)


- rsyslog <not-affected> (omelasticsearch plugin not enabled; see #715009)
[squeeze] - rsyslog <not-affected> (omelasticsearch plugin not yet present)
[wheezy] - rsyslog <not-affected> (omelasticsearch plugin not yet present);a=commitdiff;h=80f88242982c9c6ad6ce8628fc5b94ea74051cf4

Search for package or bug name: Reporting problems