#VU30790 Integer overflow in sysstat - CVE-2019-16167


| Updated: 2020-07-17

Vulnerability identifier: #VU30790

Vulnerability risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2019-16167

CWE-ID: CWE-190

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
sysstat
Client/Desktop applications / Other client software

Vendor: GODARD Sebastien

Description

The vulnerability allows a local non-authenticated attacker to perform a denial of service (DoS) attack.

sysstat before 12.1.6 has memory corruption due to an Integer Overflow in remap_struct() in sa_common.c.

Mitigation
Install update from vendor's website.

Vulnerable software versions

sysstat: 12.1.1 - 12.1.5

External links
https://lists.opensuse.org/opensuse-security-announce/2019-10/msg00067.html
https://lists.opensuse.org/opensuse-security-announce/2019-10/msg00068.html
https://github.com/sysstat/sysstat/compare/v12.1.5...v12.1.6
https://github.com/sysstat/sysstat/issues/230
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVSMKUPWIGQYX4G5LZXL7ZBJN3KY6RM3/
https://usn.ubuntu.com/4242-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Red Hat Enterprise Linux 8.2 update for sysstat
Red Hat Enterprise Linux 8 update for sysstat
OpenSUSE Linux update for sysstat
OpenSUSE Linux update for sysstat
Integer overflow in sysstat