[Pkg-net-snmp-devel] Bug#963713: net-snmp: CVE-2019-20892

Salvatore Bonaccorso carnil at debian.org
Thu Jun 25 21:29:20 BST 2020


Source: net-snmp
Version: 5.8+dfsg-2
Severity: grave
Tags: security upstream
Justification: user security hole

Hi,

The following vulnerability was published for net-snmp.

CVE-2019-20892[0]:
| net-snmp before 5.8.1.pre1 has a double free in
| usm_free_usmStateReference in snmplib/snmpusm.c via an SNMPv3 GetBulk
| request. NOTE: this affects net-snmp packages shipped to end users by
| multiple Linux distributions, but might not affect an upstream
| release.

See [1] for the CVE heads-up post, and [2] for the Launchpad bug where the
issue is originally tracked. The issue can be verified with:

| # systemctl stop snmpd.service
| # cat >> /var/lib/snmp/snmpd.conf << __EOF__
| createUser testuser SHA "testpass" AES "testpass"
| __EOF__
| # cat >> /etc/snmp/snmpd.conf << __EOF__
| rwuser testuser
| __EOF__
| # systemctl start snmpd.service
| # snmpbulkget -v3 -Cn1 -Cr1472 -l authPriv -u testuser -a SHA -A testpass -x AES -X testpass 127.0.0.1 1.3.6.1.2.1.1.5 1.3.6.1.2.1.1.7

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2019-20892
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20892
[1] https://www.openwall.com/lists/oss-security/2020/06/25/4
[2] https://bugs.launchpad.net/ubuntu/+source/net-snmp/+bug/1877027

Please adjust the affected versions in the BTS as needed. I'm not sure
where the issue was introduced, but it possibly does not affect
older suites (please do double check).

Regards,
Salvatore


