Sysstat Project Sysstat vulnerabilities

CVE-2023-33204 [HIGH] CVE-2023-33204: sysstat through 12.7.2 allows a multiplication integer overflow in check_overflow in common.c. NOTE: sysstat through 12.7.2 allows a multiplication integer overflow in check_overflow in common.c. NOTE: this issue exists because of an incomplete fix for CVE-2022-39377.

CVE-2022-39377 [HIGH] CWE-120 CVE-2022-39377: sysstat is a set of system performance tools for the Linux operating system. On 32 bit systems, in v sysstat is a set of system performance tools for the Linux operating system. On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1, allocate_structures contains a size_t overflow in sa_common.c. The allocate_structures function insufficiently checks bounds before arithmetic multiplication, allowing for an overflow in the size allocated f

CVE-2019-19725 [CRITICAL] CWE-415 CVE-2019-19725: sysstat through 12.2.0 has a double free in check_file_actlst in sa_common.c. sysstat through 12.2.0 has a double free in check_file_actlst in sa_common.c.

CVE-2019-16167 [MEDIUM] CWE-190 CVE-2019-16167: sysstat before 12.1.6 has memory corruption due to an Integer Overflow in remap_struct() in sa_commo sysstat before 12.1.6 has memory corruption due to an Integer Overflow in remap_struct() in sa_common.c.

CVE-2018-19517 [MEDIUM] CWE-125 CVE-2018-19517: An issue was discovered in sysstat 12.1.1. The remap_struct function in sa_common.c has an out-of-bo An issue was discovered in sysstat 12.1.1. The remap_struct function in sa_common.c has an out-of-bounds read during a memset call, as demonstrated by sadf.

CVE-2018-19416 [HIGH] CWE-125 CVE-2018-19416: An issue was discovered in sysstat 12.1.1. The remap_struct function in sa_common.c has an out-of-bo An issue was discovered in sysstat 12.1.1. The remap_struct function in sa_common.c has an out-of-bounds read during a memmove call, as demonstrated by sadf.