Описание
Security update for net-snmp
This update for net-snmp fixes the following issues:
- CVE-2022-44793: Fixed a NULL pointer dereference issue that could allow a remote attacker with write access to crash the server instance (bsc#1205148).
- CVE-2022-44792: Fixed a NULL pointer dereference issue that could allow a remote attacker with write access to crash the server instance (bsc#1205150).
Other fixes:
- Fixed a potential invalid free of memory, and hardened string handling against concurrency issues (bsc#1198059).
Список пакетов
Image SLES12-SP5-Azure-SAP-BYOS
libsnmp30-5.7.3-11.6.1
Image SLES12-SP5-Azure-SAP-On-Demand
libsnmp30-5.7.3-11.6.1
Image SLES12-SP5-EC2-SAP-BYOS
libsnmp30-5.7.3-11.6.1
Image SLES12-SP5-EC2-SAP-On-Demand
libsnmp30-5.7.3-11.6.1
Image SLES12-SP5-GCE-SAP-BYOS
libsnmp30-5.7.3-11.6.1
Image SLES12-SP5-GCE-SAP-On-Demand
libsnmp30-5.7.3-11.6.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
libsnmp30-5.7.3-11.6.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
libsnmp30-5.7.3-11.6.1
SUSE Linux Enterprise Server 12 SP5
libsnmp30-5.7.3-11.6.1
libsnmp30-32bit-5.7.3-11.6.1
net-snmp-5.7.3-11.6.1
perl-SNMP-5.7.3-11.6.1
snmp-mibs-5.7.3-11.6.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
libsnmp30-5.7.3-11.6.1
libsnmp30-32bit-5.7.3-11.6.1
net-snmp-5.7.3-11.6.1
perl-SNMP-5.7.3-11.6.1
snmp-mibs-5.7.3-11.6.1
SUSE Linux Enterprise Software Development Kit 12 SP5
net-snmp-devel-5.7.3-11.6.1
Ссылки
- Link for SUSE-SU-2023:0068-1
- E-Mail link for SUSE-SU-2023:0068-1
- SUSE Security Ratings
- SUSE Bug 1198059
- SUSE Bug 1205148
- SUSE Bug 1205150
- SUSE CVE CVE-2022-44792 page
- SUSE CVE CVE-2022-44793 page
Описание
handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.8 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker (who has write access) to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
Затронутые продукты
Image SLES12-SP5-Azure-SAP-BYOS:libsnmp30-5.7.3-11.6.1
Image SLES12-SP5-Azure-SAP-On-Demand:libsnmp30-5.7.3-11.6.1
Image SLES12-SP5-EC2-SAP-BYOS:libsnmp30-5.7.3-11.6.1
Image SLES12-SP5-EC2-SAP-On-Demand:libsnmp30-5.7.3-11.6.1
Ссылки
- CVE-2022-44792
- SUSE Bug 1205150
- SUSE Bug 1207896
Описание
handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.4.3 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
Затронутые продукты
Image SLES12-SP5-Azure-SAP-BYOS:libsnmp30-5.7.3-11.6.1
Image SLES12-SP5-Azure-SAP-On-Demand:libsnmp30-5.7.3-11.6.1
Image SLES12-SP5-EC2-SAP-BYOS:libsnmp30-5.7.3-11.6.1
Image SLES12-SP5-EC2-SAP-On-Demand:libsnmp30-5.7.3-11.6.1
Ссылки
- CVE-2022-44793
- SUSE Bug 1205148
- SUSE Bug 1207896