{"id":"MGASA-2023-0015","summary":"Updated net-snmp packages fix security vulnerability","details":"handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.8\nthrough 5.9.3 has a NULL Pointer Exception bug that can be used by a\nremote attacker (who has write access) to cause the instance to crash via\na crafted UDP packet, resulting in Denial of Service. (CVE-2022-44792)\n\nhandle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP\n5.4.3 through 5.9.3 has a NULL Pointer Exception bug that can be used by a\nremote attacker to cause the instance to crash via a crafted UDP packet,\nresulting in Denial of Service. (CVE-2022-44793)\n","modified":"2026-01-31T19:59:10.655535Z","published":"2023-01-24T07:58:24Z","related":["CVE-2022-44792","CVE-2022-44793"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2023-0015.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=31388"},{"type":"REPORT","url":"https://ubuntu.com/security/notices/USN-5795-1"}],"affected":[{"package":{"name":"net-snmp","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/net-snmp?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.9-1.2.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2023-0015.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}