CVE-2022-24805

Source
https://nvd.nist.gov/vuln/detail/CVE-2022-24805
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-24805.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-24805
Related
Published
2024-04-16T20:15:07Z
Modified
2024-10-12T09:20:39.172860Z
Summary
[none]
Details

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can cause an out-of-bounds memory access. A user with read-only credentials can exploit the issue. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range.

References

Affected packages

Alpine:v3.13 / net-snmp

Package

Name
net-snmp
Purl
pkg:apk/alpine/net-snmp?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9.3-r0

Affected versions

5.*

5.4.2.1-r0
5.4.2.1-r1
5.4.2.1-r2
5.4.2.1-r3
5.4.2.1-r4
5.5-r0
5.5-r1
5.5-r2
5.5-r3
5.5-r4
5.5-r5
5.6.1-r0
5.6.1-r1
5.6.1-r2
5.7-r0
5.7.1-r0
5.7.1-r1
5.7.1-r2
5.7.1-r3
5.7.1-r4
5.7.1-r5
5.7.1-r6
5.7.1-r7
5.7.2-r0
5.7.2-r1
5.7.2-r2
5.7.2.1-r0
5.7.2.1-r1
5.7.2.1-r2
5.7.2.1-r3
5.7.2.1-r4
5.7.3-r0
5.7.3-r1
5.7.3-r2
5.7.3-r3
5.7.3-r4
5.7.3-r5
5.7.3-r6
5.7.3-r7
5.7.3-r8
5.7.3-r9
5.7.3-r10
5.7.3-r11
5.8-r0
5.8-r1
5.8-r2
5.8-r3
5.9-r0
5.9-r1
5.9-r2
5.9-r3

Alpine:v3.14 / net-snmp

Package

Name
net-snmp
Purl
pkg:apk/alpine/net-snmp?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9.3-r0

Affected versions

5.*

5.4.2.1-r0
5.4.2.1-r1
5.4.2.1-r2
5.4.2.1-r3
5.4.2.1-r4
5.5-r0
5.5-r1
5.5-r2
5.5-r3
5.5-r4
5.5-r5
5.6.1-r0
5.6.1-r1
5.6.1-r2
5.7-r0
5.7.1-r0
5.7.1-r1
5.7.1-r2
5.7.1-r3
5.7.1-r4
5.7.1-r5
5.7.1-r6
5.7.1-r7
5.7.2-r0
5.7.2-r1
5.7.2-r2
5.7.2.1-r0
5.7.2.1-r1
5.7.2.1-r2
5.7.2.1-r3
5.7.2.1-r4
5.7.3-r0
5.7.3-r1
5.7.3-r2
5.7.3-r3
5.7.3-r4
5.7.3-r5
5.7.3-r6
5.7.3-r7
5.7.3-r8
5.7.3-r9
5.7.3-r10
5.7.3-r11
5.8-r0
5.8-r1
5.8-r2
5.8-r3
5.9-r0
5.9-r1
5.9-r2
5.9-r3
5.9-r4

Alpine:v3.15 / net-snmp

Package

Name
net-snmp
Purl
pkg:apk/alpine/net-snmp?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9.3-r0

Affected versions

5.*

5.4.2.1-r0
5.4.2.1-r1
5.4.2.1-r2
5.4.2.1-r3
5.4.2.1-r4
5.5-r0
5.5-r1
5.5-r2
5.5-r3
5.5-r4
5.5-r5
5.6.1-r0
5.6.1-r1
5.6.1-r2
5.7-r0
5.7.1-r0
5.7.1-r1
5.7.1-r2
5.7.1-r3
5.7.1-r4
5.7.1-r5
5.7.1-r6
5.7.1-r7
5.7.2-r0
5.7.2-r1
5.7.2-r2
5.7.2.1-r0
5.7.2.1-r1
5.7.2.1-r2
5.7.2.1-r3
5.7.2.1-r4
5.7.3-r0
5.7.3-r1
5.7.3-r2
5.7.3-r3
5.7.3-r4
5.7.3-r5
5.7.3-r6
5.7.3-r7
5.7.3-r8
5.7.3-r9
5.7.3-r10
5.7.3-r11
5.8-r0
5.8-r1
5.8-r2
5.8-r3
5.9-r0
5.9-r1
5.9-r2
5.9-r3
5.9-r4
5.9.1-r0
5.9.1-r1
5.9.1-r2
5.9.1-r3
5.9.1-r4
5.9.1-r5

Alpine:v3.16 / net-snmp

Package

Name
net-snmp
Purl
pkg:apk/alpine/net-snmp?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9.3-r0

Affected versions

5.*

5.4.2.1-r0
5.4.2.1-r1
5.4.2.1-r2
5.4.2.1-r3
5.4.2.1-r4
5.5-r0
5.5-r1
5.5-r2
5.5-r3
5.5-r4
5.5-r5
5.6.1-r0
5.6.1-r1
5.6.1-r2
5.7-r0
5.7.1-r0
5.7.1-r1
5.7.1-r2
5.7.1-r3
5.7.1-r4
5.7.1-r5
5.7.1-r6
5.7.1-r7
5.7.2-r0
5.7.2-r1
5.7.2-r2
5.7.2.1-r0
5.7.2.1-r1
5.7.2.1-r2
5.7.2.1-r3
5.7.2.1-r4
5.7.3-r0
5.7.3-r1
5.7.3-r2
5.7.3-r3
5.7.3-r4
5.7.3-r5
5.7.3-r6
5.7.3-r7
5.7.3-r8
5.7.3-r9
5.7.3-r10
5.7.3-r11
5.8-r0
5.8-r1
5.8-r2
5.8-r3
5.9-r0
5.9-r1
5.9-r2
5.9-r3
5.9-r4
5.9.1-r0
5.9.1-r1
5.9.1-r2
5.9.1-r3
5.9.1-r4
5.9.1-r5
5.9.1-r6

Alpine:v3.17 / net-snmp

Package

Name
net-snmp
Purl
pkg:apk/alpine/net-snmp?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9.3-r0

Affected versions

5.*

5.4.2.1-r0
5.4.2.1-r1
5.4.2.1-r2
5.4.2.1-r3
5.4.2.1-r4
5.5-r0
5.5-r1
5.5-r2
5.5-r3
5.5-r4
5.5-r5
5.6.1-r0
5.6.1-r1
5.6.1-r2
5.7-r0
5.7.1-r0
5.7.1-r1
5.7.1-r2
5.7.1-r3
5.7.1-r4
5.7.1-r5
5.7.1-r6
5.7.1-r7
5.7.2-r0
5.7.2-r1
5.7.2-r2
5.7.2.1-r0
5.7.2.1-r1
5.7.2.1-r2
5.7.2.1-r3
5.7.2.1-r4
5.7.3-r0
5.7.3-r1
5.7.3-r2
5.7.3-r3
5.7.3-r4
5.7.3-r5
5.7.3-r6
5.7.3-r7
5.7.3-r8
5.7.3-r9
5.7.3-r10
5.7.3-r11
5.8-r0
5.8-r1
5.8-r2
5.8-r3
5.9-r0
5.9-r1
5.9-r2
5.9-r3
5.9-r4
5.9.1-r0
5.9.1-r1
5.9.1-r2
5.9.1-r3
5.9.1-r4
5.9.1-r5
5.9.1-r6
5.9.1-r7

Alpine:v3.18 / net-snmp

Package

Name
net-snmp
Purl
pkg:apk/alpine/net-snmp?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9.3-r0

Affected versions

5.*

5.4.2.1-r0
5.4.2.1-r1
5.4.2.1-r2
5.4.2.1-r3
5.4.2.1-r4
5.5-r0
5.5-r1
5.5-r2
5.5-r3
5.5-r4
5.5-r5
5.6.1-r0
5.6.1-r1
5.6.1-r2
5.7-r0
5.7.1-r0
5.7.1-r1
5.7.1-r2
5.7.1-r3
5.7.1-r4
5.7.1-r5
5.7.1-r6
5.7.1-r7
5.7.2-r0
5.7.2-r1
5.7.2-r2
5.7.2.1-r0
5.7.2.1-r1
5.7.2.1-r2
5.7.2.1-r3
5.7.2.1-r4
5.7.3-r0
5.7.3-r1
5.7.3-r2
5.7.3-r3
5.7.3-r4
5.7.3-r5
5.7.3-r6
5.7.3-r7
5.7.3-r8
5.7.3-r9
5.7.3-r10
5.7.3-r11
5.8-r0
5.8-r1
5.8-r2
5.8-r3
5.9-r0
5.9-r1
5.9-r2
5.9-r3
5.9-r4
5.9.1-r0
5.9.1-r1
5.9.1-r2
5.9.1-r3
5.9.1-r4
5.9.1-r5
5.9.1-r6
5.9.1-r7

Alpine:v3.19 / net-snmp

Package

Name
net-snmp
Purl
pkg:apk/alpine/net-snmp?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9.3-r0

Affected versions

5.*

5.4.2.1-r0
5.4.2.1-r1
5.4.2.1-r2
5.4.2.1-r3
5.4.2.1-r4
5.5-r0
5.5-r1
5.5-r2
5.5-r3
5.5-r4
5.5-r5
5.6.1-r0
5.6.1-r1
5.6.1-r2
5.7-r0
5.7.1-r0
5.7.1-r1
5.7.1-r2
5.7.1-r3
5.7.1-r4
5.7.1-r5
5.7.1-r6
5.7.1-r7
5.7.2-r0
5.7.2-r1
5.7.2-r2
5.7.2.1-r0
5.7.2.1-r1
5.7.2.1-r2
5.7.2.1-r3
5.7.2.1-r4
5.7.3-r0
5.7.3-r1
5.7.3-r2
5.7.3-r3
5.7.3-r4
5.7.3-r5
5.7.3-r6
5.7.3-r7
5.7.3-r8
5.7.3-r9
5.7.3-r10
5.7.3-r11
5.8-r0
5.8-r1
5.8-r2
5.8-r3
5.9-r0
5.9-r1
5.9-r2
5.9-r3
5.9-r4
5.9.1-r0
5.9.1-r1
5.9.1-r2
5.9.1-r3
5.9.1-r4
5.9.1-r5
5.9.1-r6
5.9.1-r7

Alpine:v3.20 / net-snmp

Package

Name
net-snmp
Purl
pkg:apk/alpine/net-snmp?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9.3-r0

Affected versions

5.*

5.4.2.1-r0
5.4.2.1-r1
5.4.2.1-r2
5.4.2.1-r3
5.4.2.1-r4
5.5-r0
5.5-r1
5.5-r2
5.5-r3
5.5-r4
5.5-r5
5.6.1-r0
5.6.1-r1
5.6.1-r2
5.7-r0
5.7.1-r0
5.7.1-r1
5.7.1-r2
5.7.1-r3
5.7.1-r4
5.7.1-r5
5.7.1-r6
5.7.1-r7
5.7.2-r0
5.7.2-r1
5.7.2-r2
5.7.2.1-r0
5.7.2.1-r1
5.7.2.1-r2
5.7.2.1-r3
5.7.2.1-r4
5.7.3-r0
5.7.3-r1
5.7.3-r2
5.7.3-r3
5.7.3-r4
5.7.3-r5
5.7.3-r6
5.7.3-r7
5.7.3-r8
5.7.3-r9
5.7.3-r10
5.7.3-r11
5.8-r0
5.8-r1
5.8-r2
5.8-r3
5.9-r0
5.9-r1
5.9-r2
5.9-r3
5.9-r4
5.9.1-r0
5.9.1-r1
5.9.1-r2
5.9.1-r3
5.9.1-r4
5.9.1-r5
5.9.1-r6
5.9.1-r7

Debian:11 / net-snmp

Package

Name
net-snmp
Purl
pkg:deb/debian/net-snmp?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9+dfsg-4+deb11u1

Affected versions

5.*

5.9+dfsg-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / net-snmp

Package

Name
net-snmp
Purl
pkg:deb/debian/net-snmp?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9.3+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / net-snmp

Package

Name
net-snmp
Purl
pkg:deb/debian/net-snmp?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9.3+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/net-snmp/net-snmp

Affected ranges

Type
GIT
Repo
https://github.com/net-snmp/net-snmp
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed

Affected versions

v3.*

v3.0
v3.0.1
v3.0.2
v3.0.2.1
v3.0.3
v3.0.4
v3.0.5
v3.0.6
v3.0.7
v3.0.7.1
v3.0.7.2
v3.1
v3.1.0.1
v3.1.1
v3.1.2
v3.1.2.1
v3.1.3
v3.2
v3.3
v3.4
v3.5
v3.6
v3.6.1

v4.*

v4.0
v4.0.1
v4.1
v4.1.1
v4.2

v5.*

v5.0
v5.0.1
v5.0.10
v5.0.10.2
v5.0.11
v5.0.11.1
v5.0.2
v5.0.3
v5.0.4
v5.0.5
v5.0.6
v5.0.7
v5.0.8
v5.0.9
v5.1
v5.1.1
v5.1.2
v5.1.3
v5.1.4
v5.1.4.1
v5.2
v5.2.1
v5.2.2
v5.2.3
v5.2.4
v5.2.4.pre1
v5.2.4.pre2
v5.2.4.pre3
v5.2.4.rc1
v5.2.4.rc2
v5.2.5
v5.2.5.pre1
v5.2.5.pre2
v5.2.5.rc1
v5.2.5.rc2
v5.2.6
v5.2.6.pre1
v5.2.6.pre2
v5.2.6.rc1
v5.2.6.rc2
v5.2.6.rc3
v5.3
v5.3.1
v5.3.2
v5.3.2.pre1
v5.3.2.rc1
v5.3.3
v5.3.3.pre1
v5.3.3.rc1
v5.3.3.rc2
v5.3.4
v5.3.4.pre1
v5.3.4.pre2
v5.3.4.rc1
v5.4
v5.4.1
v5.4.1.pre1
v5.4.1.pre2
v5.4.1.pre3
v5.4.1.rc1
v5.4.1.rc2
v5.4.1.rc3
v5.4.1.rc4
v5.4.2
v5.4.2.pre1
v5.4.2.pre2
v5.4.2.rc1
v5.4.2.rc2
v5.4.2.rc3
v5.4.3
v5.4.3.pre1
v5.4.3.pre2
v5.4.3.rc1
v5.4.3.rc2
v5.4.3.rc3
v5.4.4
v5.4.4.pre1
v5.4.4.pre2
v5.4.4.rc1
v5.4.5.pre1
v5.4.5.pre2
v5.5
v5.5.1
v5.5.1.rc2
v5.5.2
v5.5.2.pre1
v5.5.2.rc1
v5.5.2.rc2
v5.5.2.rc3
v5.5.pre1
v5.5.pre2
v5.5.pre3
v5.5.rc1
v5.5.rc2
v5.5.rc3
v5.6
v5.6.1
v5.6.1.pre1
v5.6.1.pre2
v5.6.1.rc1
v5.6.1.rc2
v5.6.2
v5.6.2.pre1
v5.6.2.pre2
v5.6.2.rc1
v5.6.2.rc2
v5.6.2.rc3
v5.6.pre1
v5.6.pre2
v5.6.pre3
v5.6.rc1
v5.6.rc2
v5.6.rc3
v5.7
v5.7.1
v5.7.1.pre1
v5.7.1.pre2
v5.7.1.rc1
v5.7.1.rc2
v5.7.1.rc3
v5.7.2
v5.7.2.pre1
v5.7.2.pre2
v5.7.2.pre3
v5.7.2.rc1
v5.7.2.rc2
v5.7.2.rc3
v5.7.3
v5.7.3.pre1
v5.7.3.pre2
v5.7.3.pre3
v5.7.3.pre4
v5.7.3.pre5
v5.7.3.rc1
v5.7.3.rc2
v5.7.3.rc3
v5.7.pre1
v5.7.pre2
v5.7.rc1
v5.7.rc2
v5.7.rc3
v5.8
v5.8.1.pre1
v5.8.1.pre2
v5.8.1.rc1
v5.8.pre1
v5.8.pre2
v5.8.pre3
v5.8.rc1
v5.8.rc2
v5.8.rc3
v5.8.rc4
v5.9
v5.9.1
v5.9.1.pre1
v5.9.1.rc1
v5.9.rc2
v5.9.verfix