Vulnerabilities > CVE-2022-44793 - NULL Pointer Dereference vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.4.3 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 18 | |
OS | 1 | |
OS | 4 | |
Hardware | 4 |
Common Weakness Enumeration (CWE)
References
- https://gist.github.com/menglong2234/d07a65b5028145c9f4e1d1db8c4c202f
- https://gist.github.com/menglong2234/d07a65b5028145c9f4e1d1db8c4c202f
- https://github.com/net-snmp/net-snmp/issues/475
- https://github.com/net-snmp/net-snmp/issues/475
- https://lists.debian.org/debian-lts-announce/2023/01/msg00010.html
- https://lists.debian.org/debian-lts-announce/2023/01/msg00010.html
- https://security.netapp.com/advisory/ntap-20230223-0011/
- https://security.netapp.com/advisory/ntap-20230223-0011/