net-snmp before 5.8.1.pre1 has a double free in usm_free_usmStateReference in snmplib/snmpusm.c via an SNMPv3 GetBulk request. NOTE: this affects net-snmp packages shipped to end users by multiple Linux distributions, but might not affect an upstream release.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-06-25T09:07:42

Updated: 2024-08-05T02:53:09.438Z

Reserved: 2020-06-25T00:00:00

Link: CVE-2019-20892

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-06-25T10:15:10.667

Modified: 2024-11-21T04:39:37.973

Link: CVE-2019-20892

cve-icon Redhat

Severity : Moderate

Publid Date: 2020-01-02T00:00:00Z

Links: CVE-2019-20892 - Bugzilla