CVE-2019-9162
Linux < 4.14.103 / < 4.19.25 - Out-of-Bounds Read and Write in SNMP NAT Module
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
2Exploited in Wild
-Decision
Descriptions
In the Linux kernel before 4.20.12, net/ipv4/netfilter/nf_nat_snmp_basic_main.c in the SNMP NAT module has insufficient ASN.1 length checks (aka an array index error), making out-of-bounds read and write operations possible, leading to an OOPS or local privilege escalation. This affects snmp_version and snmp_helper.
En el kernel de Linux, en versiones anteriores a la 4.20.12, net/ipv4/netfilter/nf_nat_snmp_basic_main.c en el módulo SNMP NAT tiene comprobaciones de longitud ASN.1 insuficientes (conocido como error de índice de arrays), lo que hace que las operaciones de lectura y escritura fuera de límites sean posibles y conduciendo a un OOPS o al escalado de privilegios locales. Esto afecta a snmp_version y snmp_helper.
Mathias Payer and Hui Peng discovered a use-after-free vulnerability in the Advanced Linux Sound Architecture subsystem. A physically proximate attacker could use this to cause a denial of service. Shlomi Oberman, Yuli Shapiro, and Ran Menscher discovered an information leak in the Bluetooth implementation of the Linux kernel. An attacker within Bluetooth range could use this to expose sensitive information. Various other issues were also addressed.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-02-25 CVE Reserved
- 2019-02-25 CVE Published
- 2024-08-04 CVE Updated
- 2024-08-04 First Exploit
- 2025-05-10 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-787: Out-of-bounds Write
CAPEC
References (11)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/107159 | Broken Link | |
| https://security.netapp.com/advisory/ntap-20190327-0002 | Third Party Advisory |
|
| https://support.f5.com/csp/article/K31864522 | Third Party Advisory |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/46477 | 2024-08-04 | |
| https://bugs.chromium.org/p/project-zero/issues/detail?id=1776 | 2024-08-04 |
| URL | Date | SRC |
|---|---|---|
| https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.25 | 2022-04-05 | |
| https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.12 | 2022-04-05 | |
| https://usn.ubuntu.com/3930-1 | 2022-04-05 | |
| https://usn.ubuntu.com/3930-2 | 2022-04-05 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Netapp Search vendor "Netapp" | Cn1610 Firmware Search vendor "Netapp" for product "Cn1610 Firmware" | - | - |
Affected
| in | Netapp Search vendor "Netapp" | Cn1610 Search vendor "Netapp" for product "Cn1610" | - | - |
Safe
|
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.19 < 4.19.25 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19 < 4.19.25" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.20 < 4.20.12 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 4.20.12" | - |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Hci Management Node Search vendor "Netapp" for product "Hci Management Node" | - | - |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Snapprotect Search vendor "Netapp" for product "Snapprotect" | - | - |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Solidfire Search vendor "Netapp" for product "Solidfire" | - | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 18.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "18.04" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 18.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "18.10" | - |
Affected
| ||||||