Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
All Products
Red Hat Product Errata RHSA-2022:4808 - Security Advisory
Issued:
2022-05-31
Updated:
2022-05-31

RHSA-2022:4808 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: rsyslog and rsyslog7 security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for rsyslog and rsyslog7 is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine-grained control over output format.

The rsyslog7 packages provide an enhanced, multi-threaded syslog daemon. It supports on-demand disk buffering, reliable syslog over TCP, SSL, TLS and RELP, writing to databases (MySQL, PostgreSQL, Oracle, and others), email alerting, fully configurable output formats (including high-precision time stamps), the ability to filter on any part of the syslog message, on-the-wire message compression, and the ability to convert text files to syslog.

Security Fix(es):

  • rsyslog: Heap-based overflow in TCP syslog server (CVE-2022-24903)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 x86_64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 i386
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6 s390x

Fixes

  • BZ - 2081353 - CVE-2022-24903 rsyslog: Heap-based overflow in TCP syslog server

CVEs

  • CVE-2022-24903

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - Extended Life Cycle Support 6

SRPM
rsyslog-5.8.10-12.el6_10.1.src.rpm SHA-256: 4d09f2a3b7b478a43db4e1addcd688ee1718a3baaf4f052543c9c6f8ea143104
rsyslog7-7.4.10-7.el6_10.1.src.rpm SHA-256: 294b1e3cb5c8785eaf2132475102a373f62dac610e65cb0a9835ad79175f02b9
x86_64
rsyslog-5.8.10-12.el6_10.1.x86_64.rpm SHA-256: 27730a66012d64b21d47962f39219ae5518b5b64493015c664fb9db3c7108557
rsyslog-debuginfo-5.8.10-12.el6_10.1.x86_64.rpm SHA-256: cb08eb29ff0ff28db88db542d767162aaaec2116a92d7676d86079e137e31b21
rsyslog-debuginfo-5.8.10-12.el6_10.1.x86_64.rpm SHA-256: cb08eb29ff0ff28db88db542d767162aaaec2116a92d7676d86079e137e31b21
rsyslog-gnutls-5.8.10-12.el6_10.1.x86_64.rpm SHA-256: 4905018a8f2156bebfdcc642a6b19eb00d69ba70e6bb803b0a2383a18454facf
rsyslog-gssapi-5.8.10-12.el6_10.1.x86_64.rpm SHA-256: 8bd5117c28c479464e65e63a54f3569ae3e1fd1eb4a11397e7649d4cafbfad35
rsyslog-mysql-5.8.10-12.el6_10.1.x86_64.rpm SHA-256: 59db7297e122bc8eb02b5a264a01632180e5eda776b571e63c8ba89fad51de15
rsyslog-pgsql-5.8.10-12.el6_10.1.x86_64.rpm SHA-256: b7056aca8538095139863350d54723633e229b76cb4f70323b61d3943bf669bd
rsyslog-relp-5.8.10-12.el6_10.1.x86_64.rpm SHA-256: ded58a0eb7062cbeb446d1bbdffae9e80fe6df26b79c5b2d05e62f9d6bb0ee24
rsyslog-snmp-5.8.10-12.el6_10.1.x86_64.rpm SHA-256: 1e8d74e90e835d9048135650f6df5c4378ab6d7ea3df837bfc67a7b835d72112
rsyslog7-7.4.10-7.el6_10.1.x86_64.rpm SHA-256: 69b20e1d920332071e77b26701b4a4c08c34ada10de2e6398cda23dab1f59c47
rsyslog7-debuginfo-7.4.10-7.el6_10.1.x86_64.rpm SHA-256: 857d20cb64cb83d5aa6ab6598d4811927243e4f31ab202127e6ced55ee6e335a
rsyslog7-debuginfo-7.4.10-7.el6_10.1.x86_64.rpm SHA-256: 857d20cb64cb83d5aa6ab6598d4811927243e4f31ab202127e6ced55ee6e335a
rsyslog7-elasticsearch-7.4.10-7.el6_10.1.x86_64.rpm SHA-256: 769d97aa08f352f96259e753326589ffa701c0bfbe9cc3594489984552d96cac
rsyslog7-gnutls-7.4.10-7.el6_10.1.x86_64.rpm SHA-256: 3d236a509fe7d91074a4f7547c0742b5962b139579baaed5c7d54d975d29bbd4
rsyslog7-gssapi-7.4.10-7.el6_10.1.x86_64.rpm SHA-256: cc17f59445cab5e8df3bcb55624cc6bfc37bab959e2131957cb144279a0a81d1
rsyslog7-mysql-7.4.10-7.el6_10.1.x86_64.rpm SHA-256: 52ade77c32c2610e3e00ec1ddd7eda097abb549d8c0de8be30666b689ca74232
rsyslog7-pgsql-7.4.10-7.el6_10.1.x86_64.rpm SHA-256: 74f1d594c9386fa8ae5d00dcd69669e099e3e8268125cc4929402e88e7d31925
rsyslog7-relp-7.4.10-7.el6_10.1.x86_64.rpm SHA-256: 17018b0328271900d87901c3a97e79bc9fad0d5934065eb241e58423deba13da
rsyslog7-snmp-7.4.10-7.el6_10.1.x86_64.rpm SHA-256: 2343e255c49af769335895524790aae33c9352dbaea67463e7bc07a959f10a5e
i386
rsyslog-5.8.10-12.el6_10.1.i686.rpm SHA-256: b7acad31a2ddf8e8ca8a154a5fdce1a6d56dfd405d07d3e971cd2c8e78ea5d85
rsyslog-debuginfo-5.8.10-12.el6_10.1.i686.rpm SHA-256: ed21b3684c1c71597a6d656e0444d4b9c70bfe452b6f371fbd88223d7ee0b963
rsyslog-debuginfo-5.8.10-12.el6_10.1.i686.rpm SHA-256: ed21b3684c1c71597a6d656e0444d4b9c70bfe452b6f371fbd88223d7ee0b963
rsyslog-gnutls-5.8.10-12.el6_10.1.i686.rpm SHA-256: 028f0730d4e1a1b9a050abcd9fd5c30af6be0704a3d03d6aa0c91d4e5759d17b
rsyslog-gssapi-5.8.10-12.el6_10.1.i686.rpm SHA-256: ca66dbef6fad7d9ede73db2640cc464a4341d3ad3cea8e44c6953c3a29e1893e
rsyslog-mysql-5.8.10-12.el6_10.1.i686.rpm SHA-256: 4e83c1e07a3c68b63a5e75d78ad78d62954d967adc87758fd205f2025f2676cc
rsyslog-pgsql-5.8.10-12.el6_10.1.i686.rpm SHA-256: 3a741eba309a95c5804e9e28366f3c2a0e07ecea8efebbdbba5d65f602d95626
rsyslog-relp-5.8.10-12.el6_10.1.i686.rpm SHA-256: a389f238031017cbbdb557e9a9a2a3cd2deddc30426bba020eccad815bfca8be
rsyslog-snmp-5.8.10-12.el6_10.1.i686.rpm SHA-256: 38fc9323f099017e24b099af310c46b0dfd140a2d214605545c858e0a4d439cb
rsyslog7-7.4.10-7.el6_10.1.i686.rpm SHA-256: d8ea275cc59d3feb52e0bd26f5d33adca752172e32b5e5a72b164519c55a5d6f
rsyslog7-debuginfo-7.4.10-7.el6_10.1.i686.rpm SHA-256: 9e5e061046e083071e0f9c99b933d22ecc8ffbba34d5f619011df0239cf68fbf
rsyslog7-debuginfo-7.4.10-7.el6_10.1.i686.rpm SHA-256: 9e5e061046e083071e0f9c99b933d22ecc8ffbba34d5f619011df0239cf68fbf
rsyslog7-elasticsearch-7.4.10-7.el6_10.1.i686.rpm SHA-256: a751f37af98d04b05d45f0a0a0aede50c5feaeac99ccd56f48c3ecced8f506c1
rsyslog7-gnutls-7.4.10-7.el6_10.1.i686.rpm SHA-256: e78f1b454a94f83021f16f3345cca46a9e01588c2a02ec84fa93e4d263d492ff
rsyslog7-gssapi-7.4.10-7.el6_10.1.i686.rpm SHA-256: d9b52fe6a63c7ed07a01068c365a2cc2050b4e05b66862898fe88fa4d859bce3
rsyslog7-mysql-7.4.10-7.el6_10.1.i686.rpm SHA-256: c5f0c76deaa09adf233b9533444a89da668b0bd7710064c7b06d9525c4c36e26
rsyslog7-pgsql-7.4.10-7.el6_10.1.i686.rpm SHA-256: 938d520d7a3d91f7c4362f74d36ba8ab08cc952229745f06481d0d204ffc261b
rsyslog7-relp-7.4.10-7.el6_10.1.i686.rpm SHA-256: 885cc2a0b7cb4cf95b13713314dd88719733f812d6fe850ff9f266c60acc5b8a
rsyslog7-snmp-7.4.10-7.el6_10.1.i686.rpm SHA-256: 08921a45b6b3ae6ad1dea335599ca3a5f9d241dadbfc4233e120f8c72764b835

Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6

SRPM
rsyslog-5.8.10-12.el6_10.1.src.rpm SHA-256: 4d09f2a3b7b478a43db4e1addcd688ee1718a3baaf4f052543c9c6f8ea143104
rsyslog7-7.4.10-7.el6_10.1.src.rpm SHA-256: 294b1e3cb5c8785eaf2132475102a373f62dac610e65cb0a9835ad79175f02b9
s390x
rsyslog-5.8.10-12.el6_10.1.s390x.rpm SHA-256: 5a0ce6894c1ebde96031e5a65d4926638989edfa2f0181725126a35dce5acee3
rsyslog-debuginfo-5.8.10-12.el6_10.1.s390x.rpm SHA-256: 84cf627f4ba3ad376da727e032785717109d567690e328e5c4b7fa50ff63388e
rsyslog-debuginfo-5.8.10-12.el6_10.1.s390x.rpm SHA-256: 84cf627f4ba3ad376da727e032785717109d567690e328e5c4b7fa50ff63388e
rsyslog-gnutls-5.8.10-12.el6_10.1.s390x.rpm SHA-256: ed1b8f2cc3df4126daf027a438e79ad005a4e5083d06f2858fb005063cdbbadf
rsyslog-gssapi-5.8.10-12.el6_10.1.s390x.rpm SHA-256: c0ce2b765b03687bb3b0f79d7265cf963c70864e9f3dd935e8d5e62932a9eaf1
rsyslog-mysql-5.8.10-12.el6_10.1.s390x.rpm SHA-256: 03167942c21216b5af13f53a3527c30031cf8ab2c909b2caac6bd7d5d841ac95
rsyslog-pgsql-5.8.10-12.el6_10.1.s390x.rpm SHA-256: edfdcca57d10b123e7176b83b9f72f073be39ac1df27ca42299c9b7193994e08
rsyslog-relp-5.8.10-12.el6_10.1.s390x.rpm SHA-256: f2d1e43f6ed90d21c35ea6aa90888c37dcd86f9cf70e29e6d86423460b915751
rsyslog-snmp-5.8.10-12.el6_10.1.s390x.rpm SHA-256: 80ae2a8b6c65c23b129360394400e5f6a70f9f65029782b34b8dd027e29e96fb
rsyslog7-7.4.10-7.el6_10.1.s390x.rpm SHA-256: c0b570e9b7926f2f9259af339a4f55f446c53763bc54592e5b407138b614a369
rsyslog7-debuginfo-7.4.10-7.el6_10.1.s390x.rpm SHA-256: 53615b6dcd2fd7487e4cc50c744e887301b666d2507bb2cf274e646fb5c6fc1d
rsyslog7-debuginfo-7.4.10-7.el6_10.1.s390x.rpm SHA-256: 53615b6dcd2fd7487e4cc50c744e887301b666d2507bb2cf274e646fb5c6fc1d
rsyslog7-elasticsearch-7.4.10-7.el6_10.1.s390x.rpm SHA-256: d4a19d7ef0ca89ecd186dda558f68375c6707f4286436a6cd0ac975dd86ada43
rsyslog7-gnutls-7.4.10-7.el6_10.1.s390x.rpm SHA-256: 3aa1b268ac2a3fe7187c36aae0482fc0991243d9f84bc87e9f070c966a37f0e3
rsyslog7-gssapi-7.4.10-7.el6_10.1.s390x.rpm SHA-256: 4a3afd9a526a8d3312ba29bc1b0e59307a1f4b8f277706914d7a9dfa9af18dc5
rsyslog7-mysql-7.4.10-7.el6_10.1.s390x.rpm SHA-256: 8f38cfd18ab02ffc3d029e666ebce600dae3717e6e4be3ca2bbbeb58a5fa5792
rsyslog7-pgsql-7.4.10-7.el6_10.1.s390x.rpm SHA-256: 4c5bc7072d53d99636280dbd236e0279d66b324260564b6e787f36f68441567a
rsyslog7-relp-7.4.10-7.el6_10.1.s390x.rpm SHA-256: 68e6da1fb96fdc67e0789f7fab5adfbb14089ec423a8585e9b2d620db8035b60
rsyslog7-snmp-7.4.10-7.el6_10.1.s390x.rpm SHA-256: 334a6c3b6f5b5426f479738e6d1ab40df841c481abdcf264d8d444d3e59bc4ab

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
Copyright © 2022 Red Hat, Inc.
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Red Hat Summit
Twitter