« List of all CVEs

CVE-2019-20892

Published: 6/25/2020 Last updated: 8/5/2024 Reserved: 6/25/2020

net-snmp before 5.8.1.pre1 has a double free in usm_free_usmStateReference in snmplib/snmpusm.c via an SNMPv3 GetBulk request. NOTE: this affects net-snmp packages shipped to end users by multiple Linux distributions, but might not affect an upstream release.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (2)

conf-netsnmp netsnmp

Products affected (2)

Product	Vendor	Version
n/a	n/a	<= 6.6.*
n/a	n/a	< 069fd1688c57c0cc8a3de64d108579b31676f74b

References (32)