CVE-2011-1490

Name of the Vulnerable Software and Affected Versions rsyslog versions prior to 5.7.6

Description A memory leak was found in the way the rsyslog daemon processed log messages when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. This could allow a local attacker to cause denial of the rsyslogd daemon service via a log message belonging to more than one ruleset.

Recommendations For versions prior to 5.7.6, update to version 5.7.6 or later to resolve the issue. As a temporary workaround, consider restricting the use of multiple rulesets to minimize the risk of exploitation.