[Bug 1308559] [NEW] snmpd reads from uninitialised memory
Sander Steffann
1308559 at bugs.launchpad.net
Wed Apr 16 13:48:12 UTC 2014
Public bug reported:
All net-snmp-5.4 versions give bogus data when returning the
ipAddressPrefix for IPv4 addresses:
ipAddressPrefix.ipv4."94.142.242.194" = ipAddressPrefixOrigin.2.ipv4."88.0.0.0".5
ipAddressPrefix.ipv4."127.0.0.1" = ipAddressPrefixOrigin.1.ipv4."51.101.48.0".0
While the real situation is completely different:
$ ip -4 addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
inet 127.0.0.1/8 scope host lo
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
inet 94.142.242.194/29 brd 94.142.242.199 scope global eth0
This seems to be caused by an (open) bug in net-snmp:
http://sourceforge.net/p/net-snmp/bugs/2251/
This seems to cause net-snmp to read from uninitialised memory, which
can be a security issue (see the recent heartbleed mess, although this
seems much less severe).
As this is a serious problem, but upstream has had this issue open for
years, please fix this for the LTS releases.
** Affects: net-snmp (Ubuntu)
Importance: Undecided
Status: New
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to net-snmp in Ubuntu.
https://bugs.launchpad.net/bugs/1308559
Title:
snmpd reads from uninitialised memory
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/net-snmp/+bug/1308559/+subscriptions
More information about the Ubuntu-server-bugs
mailing list