Bugzilla – Bug 1201103
VUL-0: CVE-2022-24805, CVE-2022-24806, CVE-2022-24807, CVE-2022-24808, CVE-2022-24809, CVE-2022-24810: net-snmp: multiple memory handling issues
Last modified: 2023-01-05 13:39:56 UTC
From https://github.com/net-snmp/net-snmp/blob/v5.9.2/CHANGES - These two CVEs can be exploited by a user with read-only credentials: - CVE-2022-24805 A buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can cause an out-of-bounds memory access. - CVE-2022-24809 A malformed OID in a GET-NEXT to the nsVacmAccessTable can cause a NULL pointer dereference. - These CVEs can be exploited by a user with read-write credentials: - CVE-2022-24806 Improper Input Validation when SETing malformed OIDs in master agent and subagent simultaneously - CVE-2022-24807 A malformed OID in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an out-of-bounds memory access. - CVE-2022-24808 A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference - CVE-2022-24810 A malformed OID in a SET to the nsVacmAccessTable can cause a NULL pointer dereference. - To avoid these flaws, use strong SNMPv3 credentials and do not share them. If you must use SNMPv1 or SNMPv2c, use a complex community string and enhance the protection by restricting access to a given IP address range.
Version 5.9.2 was replaced by v5.9.3 *5.9.2*: skipped due to a last minute library versioning found bug -- use 5.9.3 instead
SUSE-SU-2022:4205-1: An update that fixes 6 vulnerabilities, contains one feature is now available. Category: security (moderate) Bug References: 1201103 CVE References: CVE-2022-24805,CVE-2022-24806,CVE-2022-24807,CVE-2022-24808,CVE-2022-24809,CVE-2022-24810 JIRA References: SLE-11203 Sources used: openSUSE Leap 15.5 (src): net-snmp-5.9.3-150300.15.3.1 openSUSE Leap 15.4 (src): net-snmp-5.9.3-150300.15.3.1 openSUSE Leap 15.3 (src): net-snmp-5.9.3-150300.15.3.1 SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (src): net-snmp-5.9.3-150300.15.3.1 SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (src): net-snmp-5.9.3-150300.15.3.1 SUSE Linux Enterprise Module for Basesystem 15-SP4 (src): net-snmp-5.9.3-150300.15.3.1 SUSE Linux Enterprise Module for Basesystem 15-SP3 (src): net-snmp-5.9.3-150300.15.3.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2022:4205-2: An update that fixes 6 vulnerabilities, contains one feature is now available. Category: security (moderate) Bug References: 1201103 CVE References: CVE-2022-24805,CVE-2022-24806,CVE-2022-24807,CVE-2022-24808,CVE-2022-24809,CVE-2022-24810 JIRA References: SLE-11203 Sources used: openSUSE Leap Micro 5.3 (src): net-snmp-5.9.3-150300.15.3.1 SUSE Linux Enterprise Micro 5.3 (src): net-snmp-5.9.3-150300.15.3.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Fixed and released.