First published: Mon Feb 25 2019(Updated: )
In the Linux kernel before 4.20.12, net/ipv4/netfilter/nf_nat_snmp_basic_main.c in the SNMP NAT module has insufficient ASN.1 length checks (aka an array index error), making out-of-bounds read and write operations possible, leading to an OOPS or local privilege escalation. This affects snmp_version and snmp_helper.
Credit: cve@mitre.org cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Linux Linux kernel | >=4.19<4.19.25 | |
Linux Linux kernel | >=4.20<4.20.12 | |
Netapp Hci Management Node | ||
Netapp Snapprotect | ||
Netapp Solidfire | ||
Canonical Ubuntu Linux | =18.04 | |
Canonical Ubuntu Linux | =18.10 | |
Netapp Cn1610 Firmware | ||
Netapp Cn1610 | ||
All of | ||
Netapp Cn1610 Firmware | ||
Netapp Cn1610 | ||
debian/linux | 5.10.223-1 5.10.226-1 6.1.115-1 6.1.119-1 6.11.10-1 6.12.5-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2019-9162.
The severity of CVE-2019-9162 is high.
The Linux kernel versions before 4.20.12 are affected by CVE-2019-9162.
To fix CVE-2019-9162, you should update your Linux kernel to version 4.20.12 or later.
You can find more information about CVE-2019-9162 on the following websites: [SecurityFocus](http://www.securityfocus.com/bid/107159), [NetApp](https://security.netapp.com/advisory/ntap-20190327-0002/), [F5 Networks](https://support.f5.com/csp/article/K31864522).