snmpd reads from uninitialised memory
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
net-snmp (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
All net-snmp-5.4 versions give bogus data when returning the ipAddressPrefix for IPv4 addresses:
ipAddressPrefix
ipAddressPrefix
While the real situation is completely different:
$ ip -4 addr
1: lo: <LOOPBACK,
inet 127.0.0.1/8 scope host lo
2: eth0: <BROADCAST,
inet 94.142.242.194/29 brd 94.142.242.199 scope global eth0
This seems to be caused by an (open) bug in net-snmp:
http://
This seems to cause net-snmp to read from uninitialised memory, which can be a security issue (see the recent heartbleed mess, although this seems much less severe).
As this is a serious problem, but upstream has had this issue open for years, please fix this for the LTS releases.
information type: | Private Security → Public |
Thank you for taking the time to report this bug and helping to make Ubuntu better. The upstream bug and patch look helpful, and the fix seems trivial. Marking for attention of the security team.