Sysstat CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (6 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2022-39377	4 Debian, Fedoraproject, Redhat and 1 more	4 Debian Linux, Fedora, Enterprise Linux and 1 more	2025-04-22	7 High
sysstat is a set of system performance tools for the Linux operating system. On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1, allocate_structures contains a size_t overflow in sa_common.c. The allocate_structures function insufficiently checks bounds before arithmetic multiplication, allowing for an overflow in the size allocated for the buffer representing system activities. This issue may lead to Remote Code Execution (RCE). This issue has been patched in version 12.7.1.
CVE-2007-3852	2 Redhat, Sysstat	2 Enterprise Linux, Sysstat	2025-04-09	N/A
The init script (sysstat.in) in sysstat 5.1.2 up to 7.1.6 creates /tmp/sysstat.run insecurely, which allows local users to execute arbitrary code.
CVE-2004-0107	3 Redhat, Sgi, Sysstat	5 Enterprise Linux, Linux, Sysstat and 2 more	2025-04-03	N/A
The (1) post and (2) trigger scripts in sysstat 4.0.7 and earlier allow local users to overwrite arbitrary files via symlink attacks on temporary files, a different vulnerability than CVE-2004-0108.
CVE-2004-0108	3 Redhat, Sgi, Sysstat	4 Enterprise Linux, Sysstat, Propack and 1 more	2025-04-03	N/A
The isag utility, which processes sysstat data, allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CAN-2004-0107.
CVE-2023-33204	4 Debian, Fedoraproject, Redhat and 1 more	4 Debian Linux, Fedora, Enterprise Linux and 1 more	2025-01-22	7.8 High
sysstat through 12.7.2 allows a multiplication integer overflow in check_overflow in common.c. NOTE: this issue exists because of an incomplete fix for CVE-2022-39377.
CVE-2019-16167	6 Canonical, Debian, Fedoraproject and 3 more	7 Ubuntu Linux, Debian Linux, Fedora and 4 more	2024-11-21	5.5 Medium
sysstat before 12.1.6 has memory corruption due to an Integer Overflow in remap_struct() in sa_common.c.

Page 1 of 1.