« List of all CVEs

CVE-2019-20892

Published: 6/25/2020 Last updated: 8/5/2024 Reserved: 6/25/2020

net-snmp before 5.8.1.pre1 has a double free in usm_free_usmStateReference in snmplib/snmpusm.c via an SNMPv3 GetBulk request. NOTE: this affects net-snmp packages shipped to end users by multiple Linux distributions, but might not affect an upstream release.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (2)

conf-netsnmp netsnmp

Products affected (1)

Product Vendor Version
n/a n/a <= 11.3.9

References (16)