Описание
Security update for net-snmp
This update for net-snmp fixes the following issues:
- CVE-2020-15862: Make extended MIB read-only (bsc#1174961)
- CVE-2018-18065: Fix remote DoS in agent/helpers/table.c (bsc#1111122)
Список пакетов
Container ses/7.1/ceph/keepalived:latest
libsnmp30-5.7.3-10.9.1
Image SLES15-SP1-SAP-Azure
libsnmp30-5.7.3-10.9.1
net-snmp-5.7.3-10.9.1
perl-SNMP-5.7.3-10.9.1
snmp-mibs-5.7.3-10.9.1
Image SLES15-SP1-SAP-Azure-BYOS
libsnmp30-5.7.3-10.9.1
net-snmp-5.7.3-10.9.1
perl-SNMP-5.7.3-10.9.1
snmp-mibs-5.7.3-10.9.1
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production
libsnmp30-5.7.3-10.9.1
net-snmp-5.7.3-10.9.1
perl-SNMP-5.7.3-10.9.1
snmp-mibs-5.7.3-10.9.1
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production
libsnmp30-5.7.3-10.9.1
net-snmp-5.7.3-10.9.1
perl-SNMP-5.7.3-10.9.1
snmp-mibs-5.7.3-10.9.1
Image SLES15-SP1-SAP-EC2-HVM
libsnmp30-5.7.3-10.9.1
net-snmp-5.7.3-10.9.1
perl-SNMP-5.7.3-10.9.1
snmp-mibs-5.7.3-10.9.1
Image SLES15-SP1-SAP-EC2-HVM-BYOS
libsnmp30-5.7.3-10.9.1
net-snmp-5.7.3-10.9.1
perl-SNMP-5.7.3-10.9.1
snmp-mibs-5.7.3-10.9.1
Image SLES15-SP1-SAP-GCE
libsnmp30-5.7.3-10.9.1
net-snmp-5.7.3-10.9.1
perl-SNMP-5.7.3-10.9.1
snmp-mibs-5.7.3-10.9.1
Image SLES15-SP1-SAP-GCE-BYOS
libsnmp30-5.7.3-10.9.1
net-snmp-5.7.3-10.9.1
perl-SNMP-5.7.3-10.9.1
snmp-mibs-5.7.3-10.9.1
Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure
libsnmp30-5.7.3-10.9.1
net-snmp-5.7.3-10.9.1
perl-SNMP-5.7.3-10.9.1
snmp-mibs-5.7.3-10.9.1
Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM
libsnmp30-5.7.3-10.9.1
net-snmp-5.7.3-10.9.1
perl-SNMP-5.7.3-10.9.1
snmp-mibs-5.7.3-10.9.1
Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE
libsnmp30-5.7.3-10.9.1
net-snmp-5.7.3-10.9.1
perl-SNMP-5.7.3-10.9.1
snmp-mibs-5.7.3-10.9.1
Image SLES15-SP2-SAP-Azure
libsnmp30-5.7.3-10.9.1
net-snmp-5.7.3-10.9.1
perl-SNMP-5.7.3-10.9.1
snmp-mibs-5.7.3-10.9.1
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production
libsnmp30-5.7.3-10.9.1
net-snmp-5.7.3-10.9.1
perl-SNMP-5.7.3-10.9.1
snmp-mibs-5.7.3-10.9.1
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production
libsnmp30-5.7.3-10.9.1
net-snmp-5.7.3-10.9.1
perl-SNMP-5.7.3-10.9.1
snmp-mibs-5.7.3-10.9.1
Image SLES15-SP2-SAP-BYOS-Azure
libsnmp30-5.7.3-10.9.1
net-snmp-5.7.3-10.9.1
perl-SNMP-5.7.3-10.9.1
snmp-mibs-5.7.3-10.9.1
Image SLES15-SP2-SAP-BYOS-EC2-HVM
libsnmp30-5.7.3-10.9.1
net-snmp-5.7.3-10.9.1
perl-SNMP-5.7.3-10.9.1
snmp-mibs-5.7.3-10.9.1
Image SLES15-SP2-SAP-BYOS-GCE
libsnmp30-5.7.3-10.9.1
net-snmp-5.7.3-10.9.1
perl-SNMP-5.7.3-10.9.1
snmp-mibs-5.7.3-10.9.1
Image SLES15-SP2-SAP-EC2-HVM
libsnmp30-5.7.3-10.9.1
net-snmp-5.7.3-10.9.1
perl-SNMP-5.7.3-10.9.1
snmp-mibs-5.7.3-10.9.1
Image SLES15-SP2-SAP-GCE
libsnmp30-5.7.3-10.9.1
net-snmp-5.7.3-10.9.1
perl-SNMP-5.7.3-10.9.1
snmp-mibs-5.7.3-10.9.1
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production
libsnmp30-5.7.3-10.9.1
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production
libsnmp30-5.7.3-10.9.1
Image SLES15-SP3-SAP-BYOS-Azure
libsnmp30-5.7.3-10.9.1
Image SLES15-SP3-SAP-BYOS-EC2-HVM
libsnmp30-5.7.3-10.9.1
Image SLES15-SP3-SAP-BYOS-GCE
libsnmp30-5.7.3-10.9.1
SUSE Enterprise Storage 6
libsnmp30-5.7.3-10.9.1
net-snmp-5.7.3-10.9.1
net-snmp-devel-5.7.3-10.9.1
perl-SNMP-5.7.3-10.9.1
snmp-mibs-5.7.3-10.9.1
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS
libsnmp30-5.7.3-10.9.1
net-snmp-5.7.3-10.9.1
net-snmp-devel-5.7.3-10.9.1
perl-SNMP-5.7.3-10.9.1
snmp-mibs-5.7.3-10.9.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS
libsnmp30-5.7.3-10.9.1
net-snmp-5.7.3-10.9.1
net-snmp-devel-5.7.3-10.9.1
perl-SNMP-5.7.3-10.9.1
snmp-mibs-5.7.3-10.9.1
SUSE Linux Enterprise Module for Basesystem 15 SP3
libsnmp30-5.7.3-10.9.1
net-snmp-5.7.3-10.9.1
net-snmp-devel-5.7.3-10.9.1
perl-SNMP-5.7.3-10.9.1
snmp-mibs-5.7.3-10.9.1
SUSE Linux Enterprise Module for Package Hub 15 SP3
libsnmp30-32bit-5.7.3-10.9.1
SUSE Linux Enterprise Server 15 SP1-BCL
libsnmp30-5.7.3-10.9.1
net-snmp-5.7.3-10.9.1
net-snmp-devel-5.7.3-10.9.1
perl-SNMP-5.7.3-10.9.1
snmp-mibs-5.7.3-10.9.1
SUSE Linux Enterprise Server 15 SP1-LTSS
libsnmp30-5.7.3-10.9.1
net-snmp-5.7.3-10.9.1
net-snmp-devel-5.7.3-10.9.1
perl-SNMP-5.7.3-10.9.1
snmp-mibs-5.7.3-10.9.1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
libsnmp30-5.7.3-10.9.1
net-snmp-5.7.3-10.9.1
net-snmp-devel-5.7.3-10.9.1
perl-SNMP-5.7.3-10.9.1
snmp-mibs-5.7.3-10.9.1
Ссылки
- Link for SUSE-SU-2022:0050-1
- E-Mail link for SUSE-SU-2022:0050-1
- SUSE Security Ratings
- SUSE Bug 1027353
- SUSE Bug 1081164
- SUSE Bug 1102775
- SUSE Bug 1108471
- SUSE Bug 1111122
- SUSE Bug 1116807
- SUSE Bug 1140341
- SUSE Bug 1145864
- SUSE Bug 1152968
- SUSE Bug 1174961
- SUSE Bug 1178021
- SUSE Bug 1178351
- SUSE Bug 1179009
- SUSE Bug 1179699
- SUSE Bug 1181591
- SUSE CVE CVE-2018-18065 page
- SUSE CVE CVE-2020-15862 page
Описание
_set_key in agent/helpers/table_container.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
Затронутые продукты
Container ses/7.1/ceph/keepalived:latest:libsnmp30-5.7.3-10.9.1
Image SLES15-SP1-SAP-Azure-BYOS:libsnmp30-5.7.3-10.9.1
Image SLES15-SP1-SAP-Azure-BYOS:net-snmp-5.7.3-10.9.1
Image SLES15-SP1-SAP-Azure-BYOS:perl-SNMP-5.7.3-10.9.1
Ссылки
- CVE-2018-18065
- SUSE Bug 1111122
- SUSE Bug 1126909
- SUSE Bug 1145864
Описание
Net-SNMP through 5.8 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root.
Затронутые продукты
Container ses/7.1/ceph/keepalived:latest:libsnmp30-5.7.3-10.9.1
Image SLES15-SP1-SAP-Azure-BYOS:libsnmp30-5.7.3-10.9.1
Image SLES15-SP1-SAP-Azure-BYOS:net-snmp-5.7.3-10.9.1
Image SLES15-SP1-SAP-Azure-BYOS:perl-SNMP-5.7.3-10.9.1
Ссылки
- CVE-2020-15862
- SUSE Bug 1174961
- SUSE Bug 1193875
- SUSE Bug 1196341