Overview

File _patchinfo of Package patchinfo.27328

<patchinfo incident="27328">
  <issue tracker="bnc" id="1205148">VUL-0: CVE-2022-44793: net-snmp-openssl1,net-snmp: remote attacker with write access can cause a NULL pointer dereference in handle_ipv6IpForwarding()</issue>
  <issue tracker="bnc" id="1205150">VUL-0: CVE-2022-44792: net-snmp,net-snmp-openssl1: remote attacker with write access can cause a NULL pointer dereference in handle_ipDefaultTTL()</issue>
  <issue tracker="bnc" id="1198059">net-snmp-5.7.3-6.6.1 - fault with threads usage</issue>
  <issue tracker="cve" id="2022-44792"/>
  <issue tracker="cve" id="2022-44793"/>
  <packager>abergmann</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for net-snmp</summary>
  <description>This update for net-snmp fixes the following issues:

- CVE-2022-44793: Fixed a NULL pointer dereference issue that could
  allow a remote attacker with write access to crash the server
  instance (bsc#1205148).
- CVE-2022-44792: Fixed a NULL pointer dereference issue that could
  allow a remote attacker with write access to crash the server
  instance (bsc#1205150).

Other fixes:
- Fixed a potential invalid free of memory, and hardened string handling
  against concurrency issues (bsc#1198059).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places