← back
CVE-2019-9162

CVE-2019-9162

EPSS 1.1%
In the Linux kernel before 4.20.12, net/ipv4/netfilter/nf_nat_snmp_basic_main.c in the SNMP NAT module has insufficient ASN.1 length checks (aka an array index error), making out-of-bounds read and write operations possible, leading to an OOPS or local privilege escalation. This affects snmp_version and snmp_helper.
Affected products
n/a · n/a
public PoCs found2
cve_referencewww.exploit-db.com/exploits/46477/unverifiedexploitdbwww.exploit-db.com/exploits/46477unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c4c07b4d6fa1f11880eab8e076d3d060ef3f55fchttps://bugs.chromium.org/p/project-zero/issues/detail?id=1776https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.25https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.12https://github.com/torvalds/linux/commit/c4c07b4d6fa1f11880eab8e076d3d060ef3f55fchttps://security.netapp.com/advisory/ntap-20190327-0002/https://support.f5.com/csp/article/K31864522https://usn.ubuntu.com/3930-1/https://usn.ubuntu.com/3930-2/https://www.exploit-db.com/exploits/46477/http://www.securityfocus.com/bid/107159