CVE-2022-38725

Name of the Vulnerable Software and Affected Versions One Identity syslog-ng versions 3.0 through 3.37 syslog-ng Premium Edition version 7.0.30 syslog-ng Store Box version 6.10.0

Description The issue is related to an integer overflow in the RFC3164 parser, which can be exploited by remote attackers to cause a Denial of Service. This can be achieved via crafted syslog input that is mishandled by the tcp or network function.

Recommendations For One Identity syslog-ng versions 3.0 through 3.37, consider disabling the RFC3164 parser until a patch is available. For syslog-ng Premium Edition version 7.0.30, restrict access to the tcp and network functions to minimize the risk of exploitation. For syslog-ng Store Box version 6.10.0, avoid using the affected RFC3164 parser in the syslog input handling process until the issue is resolved.