SUSE update for net-snmp
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2018-18065 CVE-2020-15862 |
| CWE-ID | CWE-476 CWE-732 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
SUSE Linux Enterprise Realtime Extension Operating systems & Components / Operating system SUSE Enterprise Storage Operating systems & Components / Operating system SUSE Manager Server Operating systems & Components / Operating system SUSE Manager Retail Branch Server Operating systems & Components / Operating system SUSE Manager Proxy Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Operating systems & Components / Operating system SUSE Linux Enterprise Server Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing Operating systems & Components / Operating system snmp-mibs Operating systems & Components / Operating system package or component perl-SNMP-debuginfo Operating systems & Components / Operating system package or component perl-SNMP Operating systems & Components / Operating system package or component net-snmp-devel Operating systems & Components / Operating system package or component net-snmp-debugsource Operating systems & Components / Operating system package or component net-snmp-debuginfo Operating systems & Components / Operating system package or component net-snmp Operating systems & Components / Operating system package or component libsnmp30-debuginfo Operating systems & Components / Operating system package or component libsnmp30 Operating systems & Components / Operating system package or component |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Null pointer dereference
EUVDB-ID: #VU15322
Risk: Low
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-18065
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.
The vulnerability exists in the _set_key() function, as defined in the agent/helpers/table_container.c source code file due to a NULL pointer exception bug. A remote attacker can send a malicious UDP packet, trigger a NULL pointer dereference condition, cause the application to crash.
MitigationUpdate the affected package net-snmp to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Realtime Extension: 15-SP2
SUSE Enterprise Storage: 7.1
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
SUSE Linux Enterprise Server for SAP: 15-SP2
SUSE Linux Enterprise Server: 15-SP2-LTSS - 15-SP2-BCL
SUSE Linux Enterprise High Performance Computing: 15-SP2-LTSS - 15-SP2-ESPOS
snmp-mibs: before 5.7.3-10.9.1
perl-SNMP-debuginfo: before 5.7.3-10.9.1
perl-SNMP: before 5.7.3-10.9.1
net-snmp-devel: before 5.7.3-10.9.1
net-snmp-debugsource: before 5.7.3-10.9.1
net-snmp-debuginfo: before 5.7.3-10.9.1
net-snmp: before 5.7.3-10.9.1
libsnmp30-debuginfo: before 5.7.3-10.9.1
libsnmp30: before 5.7.3-10.9.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_realtime_extension:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_enterprise_storage:7.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:15-SP2-LTSS:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:15-SP2-BCL:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing:15-SP2-LTSS:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing:15-SP2-ESPOS:*:*:*:*:*:*:*
- cpe:2.3:a:suse:snmp-mibs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:perl-snmp-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:perl-snmp:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:net-snmp-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:net-snmp-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:net-snmp-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:net-snmp:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libsnmp30-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libsnmp30:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2022/suse-su-20220050-2/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Incorrect permission assignment for critical resource
EUVDB-ID: #VU45745
Risk: Medium
CVSSv4.0: 5.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2020-15862
CWE-ID:
CWE-732 - Incorrect Permission Assignment for Critical Resource
Exploit availability: No
DescriptionThe vulnerability allows a remote user to escalate privileges on the system.
The vulnerability exists due to insecure permissions set by the Net-snmp installed on Debian-based systems. A remote user can overwrite files in net-snmp directory via EXTEND MIB and execute arbitrary code on the system with root privileges.
Update the affected package net-snmp to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Realtime Extension: 15-SP2
SUSE Enterprise Storage: 7.1
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
SUSE Linux Enterprise Server for SAP: 15-SP2
SUSE Linux Enterprise Server: 15-SP2-LTSS - 15-SP2-BCL
SUSE Linux Enterprise High Performance Computing: 15-SP2-LTSS - 15-SP2-ESPOS
snmp-mibs: before 5.7.3-10.9.1
perl-SNMP-debuginfo: before 5.7.3-10.9.1
perl-SNMP: before 5.7.3-10.9.1
net-snmp-devel: before 5.7.3-10.9.1
net-snmp-debugsource: before 5.7.3-10.9.1
net-snmp-debuginfo: before 5.7.3-10.9.1
net-snmp: before 5.7.3-10.9.1
libsnmp30-debuginfo: before 5.7.3-10.9.1
libsnmp30: before 5.7.3-10.9.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_realtime_extension:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_enterprise_storage:7.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:15-SP2-LTSS:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:15-SP2-BCL:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing:15-SP2-LTSS:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing:15-SP2-ESPOS:*:*:*:*:*:*:*
- cpe:2.3:a:suse:snmp-mibs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:perl-snmp-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:perl-snmp:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:net-snmp-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:net-snmp-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:net-snmp-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:net-snmp:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libsnmp30-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libsnmp30:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2022/suse-su-20220050-2/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
