SB2020082704 - Gentoo update for Net-SNMP

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) Double Free (CVE-ID: CVE-2019-20892)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing an SNMPv3 GetBulk request in usm_free_usmStateReference in snmplib/snmpusm.c in net-snmp. A remote attacker can pass specially crafted data to the application, trigger double free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

2) UNIX symbolic link following (CVE-ID: CVE-2020-15861)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a symlink following issue in snmpd. A local user can bypass implemented security mechanism via *snmp-mibs-downloader package* and execute arbitrary commands on the system as root.

3) Incorrect permission assignment for critical resource (CVE-ID: CVE-2020-15862)

The vulnerability allows a remote user to escalate privileges on the system.

The vulnerability exists due to insecure permissions set by the Net-snmp installed on Debian-based systems. A remote user can overwrite files in net-snmp directory via EXTEND MIB and execute arbitrary code on the system with root privileges.

Remediation

Install update from vendor's website.

References

• https://security.gentoo.org/
• https://security.gentoo.org/glsa/202008-12