Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2017-16820

Опубликовано: 14 нояб. 2017
Источник: redhat
CVSS3: 5.6
EPSS Низкий

Описание

The csnmp_read_table function in snmp.c in the SNMP plugin in collectd before 5.6.3 is susceptible to a double free in a certain error case, which could lead to a crash (or potentially have other impact).

A double-free vulnerability was found in the csnmp_read_table function in the SNMP plugin of collectd. A network-based attacker could exploit this by sending malformed data, causing collectd to crash or possibly other impact.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Ceph Storage 2collectdAffected
Red Hat Ceph Storage 3collectdAffected
Red Hat Enterprise Linux OpenStack Platform 7 (Kilo) Operational ToolscollectdWill not fix
Red Hat OpenStack Platform 8 (Liberty) Operational ToolscollectdWill not fix
Red Hat OpenStack Platform 9 (Mitaka) Operational ToolscollectdWill not fix
Red Hat Storage Console 2collectdWill not fix
Red Hat Gluster Storage 3.4 for RHEL 7collectdFixedRHSA-2018:261504.09.2018
Red Hat OpenStack Platform 10.0 Operational Tools for RHEL 7collectdFixedRHSA-2018:160517.05.2018
Red Hat OpenStack Platform 10.0 Operational Tools for RHEL 7intel-cmt-catFixedRHSA-2018:160517.05.2018
Red Hat OpenStack Platform 11.0 Operational Tools for RHEL 7collectdFixedRHSA-2018:029913.02.2018

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-119
https://bugzilla.redhat.com/show_bug.cgi?id=1516447collectd: double free in csnmp_read_table function in snmp.c

EPSS

Процентиль: 86%
0.02833
Низкий

5.6 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2017-16820

CVSS3: 9.8
ubuntu
около 8 лет назад

The csnmp_read_table function in snmp.c in the SNMP plugin in collectd before 5.6.3 is susceptible to a double free in a certain error case, which could lead to a crash (or potentially have other impact).

nvd логотип

CVE-2017-16820

CVSS3: 9.8
nvd
около 8 лет назад

The csnmp_read_table function in snmp.c in the SNMP plugin in collectd before 5.6.3 is susceptible to a double free in a certain error case, which could lead to a crash (or potentially have other impact).

debian логотип

CVE-2017-16820

CVSS3: 9.8
debian
около 8 лет назад

The csnmp_read_table function in snmp.c in the SNMP plugin in collectd ...

github логотип

GHSA-fh5v-r835-mw7v

CVSS3: 9.8
github
больше 3 лет назад

The csnmp_read_table function in snmp.c in the SNMP plugin in collectd before 5.6.3 is susceptible to a double free in a certain error case, which could lead to a crash (or potentially have other impact).

fstec логотип

BDU:2017-02653

CVSS3: 9.8
fstec
больше 8 лет назад

Уязвимость функции csnmp_read_table (snmp.c) SNMP-плагина демона Сollectd, позволяющая нарушителю вызвать аварийное завершение работы приложения

EPSS

Процентиль: 86%
0.02833
Низкий

5.6 Medium

CVSS3