cbcvebase.
CVE-2019-16167
published 2019-09-09

CVE-2019-16167: sysstat before 12.1.6 has memory corruption due to an Integer Overflow in remap_struct() in sa_common.c.

PriorityP421medium5.5CVSS 3.1
AVLACLPRNUIRSUCNINAH
EPSS
1.53%
71.7th percentile
sysstat before 12.1.6 has memory corruption due to an Integer Overflow in remap_struct() in sa_common.c.

Affected

16 ranges
VendorProductVersion rangeFixed in
canonicalubuntu_linux
canonicalubuntu_linux
canonicalubuntu_linux
canonicalubuntu_linux
debiandebian_linux
debiansysstat< sysstat 12.1.7-1 (bookworm)sysstat 12.1.7-1 (bookworm)
fedoraprojectfedora
opensuseleap
opensuseleap
sysstat_projectsysstat< 12.1.612.1.6
sysstat_projectsysstat>= 0 < 12.1.7-112.1.7-1
sysstat_projectsysstat>= 0 < 12.1.7-112.1.7-1
sysstat_projectsysstat>= 0 < 12.1.7-112.1.7-1
sysstat_projectsysstat>= 0 < 12.1.7-112.1.7-1
sysstat_projectsysstat>= 0 < 11.2.0-1ubuntu0.311.2.0-1ubuntu0.3
sysstat_projectsysstat>= 0 < 11.6.1-1ubuntu0.111.6.1-1ubuntu0.1

CVSS provenance

nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
osv5.5MEDIUM
vendor_debian5.5MEDIUM
vendor_redhat5.5MEDIUM
vendor_ubuntu5.5MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.