Package "net-snmp"
  
    
    
        | Name: | net-snmp | 
    
        | Description:
 | This package is just an umbrella for a group of other packages,
            it has no description.Description samples from packages in group:
 
                    SNMP configuration script, MIBs and documentationSNMP (Simple Network Management Protocol) librarySNMP (Simple Network Management Protocol) applicationsSNMP (Simple Network Management Protocol) agents | 
    
        | Latest version: | 5.9.1+dfsg-1ubuntu2.4 | 
    
        | Release: | jammy (22.04) | 
    
        | Level: | security | 
    
        | Repository: | main | 
    
   
  
  
 
Links
Other versions of "net-snmp" in Jammy
    
Packages in group
Deleted packages are displayed in grey.
Changelog
    
    
    
        
        
    
    
        |   net-snmp (5.9.1+dfsg-1ubuntu2.4) jammy-security; urgency=medium   * SECURITY UPDATE: DoS via null pointer exception issues
- debian/patches/CVE-2022-4479x-1.patch: disallow SET with NULL varbind
 in agent/snmp_agent.c.
 - debian/patches/CVE-2022-4479x-2.patch: allow SET with NULL varbind
 for testing in apps/snmpset.c.
 - debian/patches/CVE-2022-4479x-3.patch: add test for NULL varbind set
 in testing/fulltests/default/T0142snmpv2csetnull_simple.
 - CVE-2022-44792
 - CVE-2022-44793
 * This package does _not_ contain the changes from 5.9.1+dfsg-1ubuntu2.3
 in jammy-proposed.
  -- Marc Deslauriers <email address hidden>  Fri, 06 Jan 2023 11:02:17 -0500 | 
    | Source diff to previous version | 
        
        | 
                
                | CVE-2022-4479 | RESERVED |  
                | CVE-2022-44792 | handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.8 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote |  
                | CVE-2022-44793 | handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.4.3 through 5.9.3 has a NULL Pointer Exception bug that can be used by a |  | 
    
    
    
    
    
        
        
    
    
        |   net-snmp (5.9.1+dfsg-1ubuntu2.2) jammy-security; urgency=medium   * SECURITY UPDATE: Multiple security issus
- debian/patches/CVE-2022-248xx-1.patch: fix bounds checking in
 NET-SNMP-AGENT-MIB, NET-SNMP-VACM-MIB, SNMP-VIEW-BASED-ACM-MIB,
 SNMP-USER-BASED-SM-MIB in  agent/mibgroup/agent/nsLogging.c,
 agent/mibgroup/agent/nsVacmAccessTable.c,
 agent/mibgroup/mibII/vacm_vars.c, agent/mibgroup/snmpv3/usmUser.
 - debian/patches/CVE-2022-248xx-2.patch: recover SET status from
 delegated request in agent/snmp_agent.c.
 - CVE-2022-24805, CVE-2022-24806, CVE-2022-24807, CVE-2022-24808,
 CVE-2022-24809, CVE-2022-24810
  -- Marc Deslauriers <email address hidden>  Mon, 25 Jul 2022 14:22:08 -0400 | 
    
        
        | 
                
                | CVE-2022-24805 | A buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can cause an out-of-bounds memory access |  
                | CVE-2022-24806 | Improper Input Validation when SETing malformed OIDs in master agent and subagent simultaneously |  
                | CVE-2022-24807 | A malformed OID in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an out-of-bounds memory access |  
                | CVE-2022-24808 | A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference |  
                | CVE-2022-24809 | A malformed OID in a GET-NEXT to the nsVacmAccessTable can cause a NULL pointer dereference |  
                | CVE-2022-24810 | A malformed OID in a SET to the nsVacmAccessTable can cause a NULL pointer dereference |  | 
    
    
        
        
        
            About
              -  
            Send Feedback to @ubuntu_updates