PT-2019-6271 · Sysstat+7 · Sysstat+7

Rkx1209

Published

2019-08-03

Updated

2024-06-15

CVE-2019-16167

CVSS v2.0

7.1

High

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions sysstat versions prior to 12.1.6

Description The issue is related to a buffer overflow in the remap struct() function within the sa common.c component of the sysstat utility. This can be exploited by a remote attacker to cause a denial of service due to memory corruption resulting from an integer overflow.

Recommendations For versions prior to 12.1.6, update to version 12.1.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the remap struct() function until a patch is available.

Exploit

Fix

Integer Overflow

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190CWE-787

Related Identifiers

ALT-PU-2020-3464

ALT-PU-2020-3493

ALT-PU-2021-2132

BDU:2022-06244

CESA-2020_4638

CVE-2019-16167

DLA-3188-1

MGASA-2019-0371

OPENSUSE-SU-2019:2395-1

OPENSUSE-SU-2019:2397-1

OPENSUSE-SU-2019_2395-1

OPENSUSE-SU-2019_2397-1

OPENSUSE-SU-2024:11419-1

RHSA-2020:4638

RHSA-2020_4638

RHSA-2022:0633

RLSA-2020:4638

SUSE-SU-2019:2749-1

SUSE-SU-2019:2752-1

SUSE-SU-2019:2752-2

SUSE-SU-2019_2749-1

SUSE-SU-2019_2752-1

SUSE-SU-2019_2752-2

USN-4242-1

Affected Products

Alt Linux

Astra Linux

Centos

Red Hat

Rocky Linux

Suse

Ubuntu

Sysstat

PT-2019-6271 · Sysstat+7 · Sysstat+7

CVE-2019-16167

Weakness Enumeration

Related Identifiers

Affected Products

References · 49