CVE-2022-44793
net-snmp: NULL Pointer Exception when handling pv6IpForwarding
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
2Exploited in Wild
-Decision
Descriptions
handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.4.3 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
handle_ipv6IpForwarding en agent/mibgroup/ip-mib/ip_scalars.c en Net-SNMP 5.4.3 a 5.9.3 tiene un error de excepción de puntero NULL que puede ser utilizado por un atacante remoto para provocar que la instancia se bloquee a través de un paquete UDP manipulado. resultando en Denegación de Servicio.
A flaw was found in Net-SNMP. This issue occurs because the handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP has a NULL Pointer Exception that could allow a remote attacker to cause the instance to crash via a crafted UDP packet, resulting in a denial of service.
The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser. Issues addressed include memory leak and null pointer vulnerabilities.
CVSS Scores
SSVC
- Decision:Track*
Timeline
- 2022-11-07 CVE Reserved
- 2022-11-07 CVE Published
- 2025-05-05 CVE Updated
- 2025-05-05 First Exploit
- 2025-06-05 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-476: NULL Pointer Dereference
CAPEC
References (6)
URL | Tag | Source |
---|---|---|
https://lists.debian.org/debian-lts-announce/2023/01/msg00010.html | Mailing List |
|
https://security.netapp.com/advisory/ntap-20230223-0011 | Third Party Advisory |
|
URL | Date | SRC |
---|---|---|
https://gist.github.com/menglong2234/d07a65b5028145c9f4e1d1db8c4c202f | 2025-05-05 | |
https://github.com/net-snmp/net-snmp/issues/475 | 2025-05-05 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://access.redhat.com/security/cve/CVE-2022-44793 | 2023-05-16 | |
https://bugzilla.redhat.com/show_bug.cgi?id=2141898 | 2023-05-16 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Netapp Search vendor "Netapp" | H300s Firmware Search vendor "Netapp" for product "H300s Firmware" | - | - |
Affected
| in | Netapp Search vendor "Netapp" | H300s Search vendor "Netapp" for product "H300s" | - | - |
Safe
|
Netapp Search vendor "Netapp" | H500s Firmware Search vendor "Netapp" for product "H500s Firmware" | - | - |
Affected
| in | Netapp Search vendor "Netapp" | H500s Search vendor "Netapp" for product "H500s" | - | - |
Safe
|
Netapp Search vendor "Netapp" | H700s Firmware Search vendor "Netapp" for product "H700s Firmware" | - | - |
Affected
| in | Netapp Search vendor "Netapp" | H700s Search vendor "Netapp" for product "H700s" | - | - |
Safe
|
Netapp Search vendor "Netapp" | H410s Firmware Search vendor "Netapp" for product "H410s Firmware" | - | - |
Affected
| in | Netapp Search vendor "Netapp" | H410s Search vendor "Netapp" for product "H410s" | - | - |
Safe
|
Net-snmp Search vendor "Net-snmp" | Net-snmp Search vendor "Net-snmp" for product "Net-snmp" | >= 5.4.3 <= 5.9.3 Search vendor "Net-snmp" for product "Net-snmp" and version " >= 5.4.3 <= 5.9.3" | - |
Affected
| ||||||
Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 10.0 Search vendor "Debian" for product "Debian Linux" and version "10.0" | - |
Affected
|