CVE-2019-9162
moderate-risk
Published 2019-02-25
In the Linux kernel before 4.20.12, net/ipv4/netfilter/nf_nat_snmp_basic_main.c in the SNMP NAT module has insufficient ASN.1 length checks (aka an array index error), making out-of-bounds read and write operations possible, leading to an OOPS or local privilege escalation. This affects snmp_version and snmp_helper.
Do I need to act?
0.21% chance of exploitation (EPSS score: low exploit probability)
Not on CISA KEV list: no confirmed active exploitation reported to CISA
1 public exploit available
Patch status unknown: check vendor advisories for fix availability and mitigation guidance
CVSS 7.8/10 · High · LOCAL / LOW complexity
Affected Products (7)
References (22)
Broken Link
http://www.securityfocus.com/bid/107159
Third Party Advisory
https://security.netapp.com/advisory/ntap-20190327-0002/
Third Party Advisory
https://support.f5.com/csp/article/K31864522
Third Party Advisory
https://usn.ubuntu.com/3930-1/
Third Party Advisory
https://usn.ubuntu.com/3930-2/
and 2 more references
46 / 100 · moderate-risk
Severity: 24/34 · High
Exploitability: 8/34 · Low
Exposure: 14/34 · Moderate