ID CVE-2019-20892
Summary net-snmp before 5.8.1.pre1 has a double free in usm_free_usmStateReference in snmplib/snmpusm.c via an SNMPv3 GetBulk request. NOTE: this affects net-snmp packages shipped to end users by multiple Linux distributions, but might not affect an upstream release.
References
Vulnerable Configurations
  • cpe:2.3:a:net-snmp:net-snmp:5.0:*:*:*:*:*:*:*
    cpe:2.3:a:net-snmp:net-snmp:5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:net-snmp:net-snmp:5.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:net-snmp:net-snmp:5.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:net-snmp:net-snmp:5.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:net-snmp:net-snmp:5.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:net-snmp:net-snmp:5.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:net-snmp:net-snmp:5.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:net-snmp:net-snmp:5.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:net-snmp:net-snmp:5.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:net-snmp:net-snmp:5.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:net-snmp:net-snmp:5.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:net-snmp:net-snmp:5.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:net-snmp:net-snmp:5.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:net-snmp:net-snmp:5.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:net-snmp:net-snmp:5.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:net-snmp:net-snmp:5.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:net-snmp:net-snmp:5.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:net-snmp:net-snmp:5.0.9:*:*:*:*:*:*:*
    cpe:2.3:a:net-snmp:net-snmp:5.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:net-snmp:net-snmp:5.1:*:*:*:*:*:*:*
    cpe:2.3:a:net-snmp:net-snmp:5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:net-snmp:net-snmp:5.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:net-snmp:net-snmp:5.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:net-snmp:net-snmp:5.2:*:*:*:*:*:*:*
    cpe:2.3:a:net-snmp:net-snmp:5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:net-snmp:net-snmp:5.3:*:*:*:*:*:*:*
    cpe:2.3:a:net-snmp:net-snmp:5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:net-snmp:net-snmp:5.3.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:net-snmp:net-snmp:5.3.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:net-snmp:net-snmp:5.4:*:*:*:*:*:*:*
    cpe:2.3:a:net-snmp:net-snmp:5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:net-snmp:net-snmp:5.5:*:*:*:*:*:*:*
    cpe:2.3:a:net-snmp:net-snmp:5.5:*:*:*:*:*:*:*
  • cpe:2.3:a:net-snmp:net-snmp:5.6:*:*:*:*:*:*:*
    cpe:2.3:a:net-snmp:net-snmp:5.6:*:*:*:*:*:*:*
  • cpe:2.3:a:net-snmp:net-snmp:5.7:*:*:*:*:*:*:*
    cpe:2.3:a:net-snmp:net-snmp:5.7:*:*:*:*:*:*:*
  • cpe:2.3:a:net-snmp:net-snmp:5.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:net-snmp:net-snmp:5.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:net-snmp:net-snmp:5.7.2:*:*:*:*:*:*:*
    cpe:2.3:a:net-snmp:net-snmp:5.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:net-snmp:net-snmp:5.7.3:*:*:*:*:*:*:*
    cpe:2.3:a:net-snmp:net-snmp:5.7.3:*:*:*:*:*:*:*
  • cpe:2.3:a:net-snmp:net-snmp:5.8:*:*:*:*:*:*:*
    cpe:2.3:a:net-snmp:net-snmp:5.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*
CVSS
Base: 4.0 (as of 02-09-2022 - 15:31)
Impact:
Exploitability:
CWE CWE-415
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:S/C:N/I:N/A:P
redhat via4
advisories
bugzilla
id 1802055
title net-snmpd double free or corruption error [rhel-8.1.0.z]
oval
OR
  • comment Red Hat Enterprise Linux must be installed
    oval oval:com.redhat.rhba:tst:20070304026
  • AND
    • comment Red Hat Enterprise Linux 8 is installed
      oval oval:com.redhat.rhba:tst:20193384074
    • OR
      • AND
        • comment net-snmp is earlier than 1:5.8-12.el8_1.1
          oval oval:com.redhat.rhba:tst:20201376001
        • comment net-snmp is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20131150002
      • AND
        • comment net-snmp-agent-libs is earlier than 1:5.8-12.el8_1.1
          oval oval:com.redhat.rhba:tst:20201376003
        • comment net-snmp-agent-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20201376004
      • AND
        • comment net-snmp-debugsource is earlier than 1:5.8-12.el8_1.1
          oval oval:com.redhat.rhba:tst:20201376005
        • comment net-snmp-debugsource is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20201376006
      • AND
        • comment net-snmp-devel is earlier than 1:5.8-12.el8_1.1
          oval oval:com.redhat.rhba:tst:20201376007
        • comment net-snmp-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20131150004
      • AND
        • comment net-snmp-libs is earlier than 1:5.8-12.el8_1.1
          oval oval:com.redhat.rhba:tst:20201376009
        • comment net-snmp-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20131150006
      • AND
        • comment net-snmp-utils is earlier than 1:5.8-12.el8_1.1
          oval oval:com.redhat.rhba:tst:20201376011
        • comment net-snmp-utils is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20131150012
rhsa
id RHBA-2020:1376
released 2020-04-07
severity Moderate
title RHBA-2020:1376: net-snmp bug fix and enhancement update (Moderate)
rpms
  • net-snmp-1:5.8-12.el8_1.1
  • net-snmp-agent-libs-1:5.8-12.el8_1.1
  • net-snmp-agent-libs-debuginfo-1:5.8-12.el8_1.1
  • net-snmp-debuginfo-1:5.8-12.el8_1.1
  • net-snmp-debugsource-1:5.8-12.el8_1.1
  • net-snmp-devel-1:5.8-12.el8_1.1
  • net-snmp-libs-1:5.8-12.el8_1.1
  • net-snmp-libs-debuginfo-1:5.8-12.el8_1.1
  • net-snmp-perl-debuginfo-1:5.8-12.el8_1.1
  • net-snmp-utils-1:5.8-12.el8_1.1
  • net-snmp-utils-debuginfo-1:5.8-12.el8_1.1
refmap via4
gentoo GLSA-202008-12
misc
mlist [oss-security] 20200625 [cve-request@...re.org: Re: [scr916814] net-snmp - Perhaps only unreleased development versions; fix appears to be in v5.8.1.pre1]
ubuntu USN-4410-1
Last major update 02-09-2022 - 15:31
Published 25-06-2020 - 10:15
Last modified 02-09-2022 - 15:31
Back to Top