libsnmp30-32bit-5.9-3.2 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:11082-1 Final 1 1 2024-06-15T00:00:00Z current 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z libsnmp30-32bit-5.9-3.2 on GA media These are all security issues fixed in the libsnmp30-32bit-5.9-3.2 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-11082 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2008-4309/ SUSE CVE CVE-2008-4309 page https://www.suse.com/security/cve/CVE-2018-18065/ SUSE CVE CVE-2018-18065 page openSUSE Tumbleweed libsnmp30-5.9-3.2 libsnmp30-32bit-5.9-3.2 net-snmp-5.9-3.2 net-snmp-devel-5.9-3.2 net-snmp-devel-32bit-5.9-3.2 perl-SNMP-5.9-3.2 python36-net-snmp-5.9-3.2 python38-net-snmp-5.9-3.2 python39-net-snmp-5.9-3.2 snmp-mibs-5.9-3.2 libsnmp30-5.9-3.2 as a component of openSUSE Tumbleweed libsnmp30-32bit-5.9-3.2 as a component of openSUSE Tumbleweed net-snmp-5.9-3.2 as a component of openSUSE Tumbleweed net-snmp-devel-5.9-3.2 as a component of openSUSE Tumbleweed net-snmp-devel-32bit-5.9-3.2 as a component of openSUSE Tumbleweed perl-SNMP-5.9-3.2 as a component of openSUSE Tumbleweed python36-net-snmp-5.9-3.2 as a component of openSUSE Tumbleweed python38-net-snmp-5.9-3.2 as a component of openSUSE Tumbleweed python39-net-snmp-5.9-3.2 as a component of openSUSE Tumbleweed snmp-mibs-5.9-3.2 as a component of openSUSE Tumbleweed Integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service (crash) via a crafted SNMP GETBULK request, which triggers a heap-based buffer overflow, related to the number of responses or repeats. CVE-2008-4309 openSUSE Tumbleweed:libsnmp30-32bit-5.9-3.2 openSUSE Tumbleweed:libsnmp30-5.9-3.2 openSUSE Tumbleweed:net-snmp-5.9-3.2 openSUSE Tumbleweed:net-snmp-devel-32bit-5.9-3.2 openSUSE Tumbleweed:net-snmp-devel-5.9-3.2 openSUSE Tumbleweed:perl-SNMP-5.9-3.2 openSUSE Tumbleweed:python36-net-snmp-5.9-3.2 openSUSE Tumbleweed:python38-net-snmp-5.9-3.2 openSUSE Tumbleweed:python39-net-snmp-5.9-3.2 openSUSE Tumbleweed:snmp-mibs-5.9-3.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2008-4309.html CVE-2008-4309 https://bugzilla.suse.com/440950 SUSE Bug 440950 https://bugzilla.suse.com/514709 SUSE Bug 514709 _set_key in agent/helpers/table_container.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service. CVE-2018-18065 openSUSE Tumbleweed:libsnmp30-32bit-5.9-3.2 openSUSE Tumbleweed:libsnmp30-5.9-3.2 openSUSE Tumbleweed:net-snmp-5.9-3.2 openSUSE Tumbleweed:net-snmp-devel-32bit-5.9-3.2 openSUSE Tumbleweed:net-snmp-devel-5.9-3.2 openSUSE Tumbleweed:perl-SNMP-5.9-3.2 openSUSE Tumbleweed:python36-net-snmp-5.9-3.2 openSUSE Tumbleweed:python38-net-snmp-5.9-3.2 openSUSE Tumbleweed:python39-net-snmp-5.9-3.2 openSUSE Tumbleweed:snmp-mibs-5.9-3.2 important 4 AV:N/AC:L/Au:S/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-18065.html CVE-2018-18065 https://bugzilla.suse.com/1111122 SUSE Bug 1111122 https://bugzilla.suse.com/1126909 SUSE Bug 1126909 https://bugzilla.suse.com/1145864 SUSE Bug 1145864