{"id":"MGASA-2022-0311","summary":"Updated net-snmp packages fix security vulnerability","details":"A buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can\ncause an out-of-bounds memory access. (CVE-2022-24805)\nBuffer overflow and out of bounds memory access. (CVE-2022-24806)\nA malformed OID in a SET request to\nSNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an out-of-bounds memory\naccess. (CVE-2022-24807)\nA malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can\ncause a NULL pointer dereference. (CVE-2022-24808)\nA malformed OID in a GET-NEXT to the nsVacmAccessTable can cause a NULL\npointer dereference. (CVE-2022-24809)\nA malformed OID in a SET to the nsVacmAccessTable can cause a NULL pointer\ndereference. (CVE-2022-24810)\n","modified":"2026-04-16T00:09:19.772371560Z","published":"2022-08-29T05:07:41Z","upstream":["CVE-2022-24805","CVE-2022-24806","CVE-2022-24807","CVE-2022-24808","CVE-2022-24809","CVE-2022-24810"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2022-0311.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=30697"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-5543-1"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/"},{"type":"WEB","url":"https://www.debian.org/security/2022/dsa-5209"}],"affected":[{"package":{"name":"net-snmp","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/net-snmp?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.9-1.1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0311.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}