high
7.5
CWE
19
Advisory Published
CVE Published
Updated

CVE-2015-5621

First published: Thu Apr 16 2015(Updated: )

It was discovered that the snmp_pdu_parse() function could leave incompletely parsed varBind variables in the list of variables in case the parsing of the SNMP PDU failed. If later processing tries to operate on the stale and incompletely processed varBind (e.g. when printing the variables), this can lead to e.g. crashes or, possibly, execution of arbitrary code (although I've only seen NULL pointer dereferences during my testing, I currently can't rule out code execution completely). The snmp_pdu_parse() function stores varBind variables in a list of netsnmp_variable_list structures. Each time the function parses a new varBind, a new netsnmp_variable_list item is allocated on the heap and linked to the list of variables. The problem is that this item is not removed from the list, even if snmp_pdu_parse() fails to complete the parsing. The "type" member of the stale netsnmp_variable_list is not properly initialized in case snmp_pdu_parse() returns early from the parsing. However, the "type" member is used to determine later code paths, which is why we see crashes in a variety of functions, although the root cause for all of these is the same. References: Upstream patch: <a href="https://sourceforge.net/p/net-snmp/code/ci/f23bcd3ac6ddee5d0a48f9703007ccc738914791/">https://sourceforge.net/p/net-snmp/code/ci/f23bcd3ac6ddee5d0a48f9703007ccc738914791/</a> Upstream bug: <a href="https://sourceforge.net/p/net-snmp/bugs/2615/">https://sourceforge.net/p/net-snmp/bugs/2615/</a> (possibly restricted) Reporter's mail to oss-security: <a href="http://www.openwall.com/lists/oss-security/2015/04/13/1">http://www.openwall.com/lists/oss-security/2015/04/13/1</a>

Credit: cve@mitre.org

Affected SoftwareAffected VersionHow to fix
debian/net-snmp<=5.4.3~dfsg-1<=5.7.3+dfsg-1
5.7.3+dfsg-1.1
5.7.2.1+dfsg-1+deb8u1
debian/net-snmp
5.7.3+dfsg-5+deb10u2
5.7.3+dfsg-5+deb10u4
5.9+dfsg-4+deb11u1
5.9.3+dfsg-2
5.9.4+dfsg-1
CentOS Net-SNMP Agent Libraries<=5.7.2

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2015-5621?

    CVE-2015-5621 has a medium severity rating due to potential issues in processing SNMP PDUs.

  • How do I fix CVE-2015-5621?

    To fix CVE-2015-5621, update your net-snmp package to version 5.7.3+dfsg-1.1 or later.

  • What systems are affected by CVE-2015-5621?

    CVE-2015-5621 affects net-snmp versions up to 5.7.3+dfsg-1 and specific Debian package versions.

  • What are the potential impacts of CVE-2015-5621?

    The impact of CVE-2015-5621 may include incomplete variable processing leading to application instability.

  • Is there a workaround for CVE-2015-5621 until I can apply a fix?

    A temporary workaround for CVE-2015-5621 involves avoiding the use of affected net-snmp versions until they can be updated.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203