vulnerability

Ubuntu: USN-4410-1 (CVE-2019-20892): Net-SNMP vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:L/Au:S/C:N/I:N/A:P)	Jun 25, 2020	Aug 5, 2020	Aug 18, 2025

Severity

CVSS

(AV:N/AC:L/Au:S/C:N/I:N/A:P)

Published

Jun 25, 2020

Added

Aug 5, 2020

Modified

Aug 18, 2025

Description

net-snmp before 5.8.1.pre1 has a double free in usm_free_usmStateReference in snmplib/snmpusm.c via an SNMPv3 GetBulk request. NOTE: this affects net-snmp packages shipped to end users by multiple Linux distributions, but might not affect an upstream release.

Solutions

ubuntu-upgrade-libsnmp-baseubuntu-upgrade-libsnmp-perlubuntu-upgrade-libsnmp35ubuntu-upgrade-snmpd

References

CVE-2019-20892
https://attackerkb.com/topics/CVE-2019-20892
CWE-415
NVD-CVE-2019-20892
UBUNTU-USN-4410-1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today