4 matches found
CVE-2022-24810
Net-snmp vulnerability CVE-2022-24810: A malformed OID in a SET to NET-SNMP’s VACM nsVacmAccessTable can cause a NULL pointer dereference. Affected are versions prior to 5.9.2; 5.9.2 contains a patch. Mitigations: upgrade to 5.9.2+ and restrict access; use strong SNMPv3 credentials and limit IP a...
CVE-2022-24810 net-snmp: A malformed OID in a SET to the nsVacmAccessTable can cause a NULL pointer dereference.
net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a SET to the nsVacmAccessTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong...
CVE-2022-24809 net-snmp: A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference
net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-only credentials can use a malformed OID in a GET-NEXT to the nsVacmAccessTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong...
CVE-2022-24809
CVE-2022-2489 (CVE-2022-24809) affects net-snmp prior to 5.9.2, where a malformed OID in a GET-NEXT to nsVacmAccessTable can cause a NULL pointer dereference. The issue is addressed by the 5.9.2 patch. Provided references show multiple advisories (Debian, Red Hat, AlmaLinux) confirming the vulner...