CVE-2019-20892

net-snmp before 5.8.1.pre1 has a double free in usmfreeusmStateReference in snmplib/snmpusm.c via an SNMPv3 GetBulk request. NOTE: this affects net-snmp packages shipped to end users by multiple Linux distributions, but might not affect an upstream release.

References

Affected packages

Git / github.com/net-snmp/net-snmp

Affected ranges

Type

GIT

Repo

https://github.com/net-snmp/net-snmp

Events

Introduced

Last affected

463235edcc53e2477efe35da717fab292741aab5

Fixed

5f881d3bf24599b90d67a45cae7a3eb099cd71c9

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "5.8"
        }
    ]
}

Affected versions

v3.*

v3.0

v3.0.1

v3.0.2

v3.0.2.1

v3.0.3

v3.0.4

v3.0.5

v3.0.6

v3.0.7

v3.0.7.1

v3.0.7.2

v3.1

v3.1.0.1

v3.1.1

v3.1.2

v3.1.2.1

v3.1.3

v3.2

v3.3

v3.4

v3.5

v3.6

v3.6.1

v4.*

v4.0

v4.0.1

v4.1

v4.1.1

v4.2

v5.*

v5.0

v5.0.1

v5.0.11.1

v5.0.2

v5.0.3

v5.0.4

v5.0.5

v5.0.6

v5.0.7

v5.1

v5.1.4.1

v5.2

v5.3

v5.4

v5.5

v5.5.pre1

v5.5.pre2

v5.5.pre3

v5.5.rc1

v5.5.rc2

v5.5.rc3

v5.6

v5.6.pre1

v5.6.pre2

v5.6.pre3

v5.6.rc1

v5.6.rc2

v5.6.rc3

v5.7

v5.7.pre1

v5.7.pre2

v5.7.rc1

v5.7.rc2

v5.7.rc3

v5.8

v5.8.pre1

v5.8.pre2

v5.8.pre3

v5.8.rc1

v5.8.rc2

v5.8.rc3

v5.8.rc4

Database specific

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.8"
            }
        ]
    }
]

vanir_signatures_modified

"2026-04-11T14:11:14Z"

vanir_signatures

[
    {
        "deprecated": false,
        "target": {
            "file": "snmplib/snmp_client.c",
            "function": "_clone_pdu_header"
        },
        "id": "CVE-2019-20892-382d164f",
        "signature_type": "Function",
        "source": "https://github.com/net-snmp/net-snmp/commit/5f881d3bf24599b90d67a45cae7a3eb099cd71c9",
        "signature_version": "v1",
        "digest": {
            "function_hash": "140177603995878720991195551689799129618",
            "length": 1698.0
        }
    },
    {
        "deprecated": false,
        "target": {
            "file": "snmplib/snmpusm.c"
        },
        "id": "CVE-2019-20892-5333c152",
        "signature_type": "Line",
        "source": "https://github.com/net-snmp/net-snmp/commit/5f881d3bf24599b90d67a45cae7a3eb099cd71c9",
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "44242992634025686115409545502120928476",
                "29672997187899204588248216402839883043",
                "40794116973937965067530691483828958859",
                "132414243160031557982177198766023395101",
                "305725171296417443372987251459616736940",
                "175593073472431576251405895329683411445",
                "287035748120865746564382429203163938637",
                "26915744975623297004250391564358283780",
                "103531736579679216853410519603960826911",
                "265021316400814718833376606064233556991",
                "199748301974971405245209158318257804530",
                "196574635798182203035160887345760324828",
                "123634601959712454489722241175334570171",
                "186331237900610919361576066626885612475",
                "254426379512619478811337930659412903544",
                "106128518620748907713695403676523221318",
                "27455802107373568368114353775119213963",
                "180751480742087284200705330639104143788",
                "324741654969520679044094707367129846028",
                "277034873175065332979035382998353812755",
                "312446659726961885171452558104658471296",
                "330956671658082276948001970066774507964",
                "308620508630188523687389350799315713632",
                "231611819546873415251971449950058584428",
                "164895656350574865052687335113615663447",
                "133363327825204198443282752987767537554",
                "183909225123220272610064491435452202287",
                "246580444918460405508204234492900917192",
                "120133148926244489050891959865597125416",
                "84544450504787606045186063168188308394",
                "258480738828067149461215868270467629626",
                "200281615836911523953703462310525338383",
                "154808664236195465024505904650726730672",
                "163254431129950724490533090278976514982",
                "173325409493447389001449165376081877882",
                "63932343873398434131318958950339079706",
                "71061357178572249993894223874099466253",
                "261802238718059722677624567276162217792",
                "87797271725617132585865738775349286592"
            ],
            "threshold": 0.9
        }
    },
    {
        "deprecated": false,
        "target": {
            "file": "snmplib/snmpusm.c",
            "function": "usm_malloc_usmStateReference"
        },
        "id": "CVE-2019-20892-57223eb1",
        "signature_type": "Function",
        "source": "https://github.com/net-snmp/net-snmp/commit/5f881d3bf24599b90d67a45cae7a3eb099cd71c9",
        "signature_version": "v1",
        "digest": {
            "function_hash": "159156942628545966179758038413846966703",
            "length": 112.0
        }
    },
    {
        "deprecated": false,
        "target": {
            "file": "snmplib/snmpusm.c",
            "function": "usm_free_usmStateReference"
        },
        "id": "CVE-2019-20892-6d822333",
        "signature_type": "Function",
        "source": "https://github.com/net-snmp/net-snmp/commit/5f881d3bf24599b90d67a45cae7a3eb099cd71c9",
        "signature_version": "v1",
        "digest": {
            "function_hash": "88064372202649158328320107912822422421",
            "length": 759.0
        }
    },
    {
        "deprecated": false,
        "target": {
            "file": "snmplib/snmp_client.c"
        },
        "id": "CVE-2019-20892-81da526f",
        "signature_type": "Line",
        "source": "https://github.com/net-snmp/net-snmp/commit/5f881d3bf24599b90d67a45cae7a3eb099cd71c9",
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "137896095288191195591564619137773233729",
                "267484301248047181893885793648605803471",
                "28906083445685974119879737775352735561",
                "225505363771031082041171773542489953799",
                "127773062946225179371899670915664919881",
                "148527884924071986367937389607784222372",
                "229361921883869757802187283366909677861",
                "204465326253106719231605866198712229221",
                "241137018290310320160035791315241935320",
                "98321346952511963867742770113849008706",
                "110223236143194705002654652711567162570",
                "63927623152965480918902525393645277601",
                "73090936670646882255427829759851757884",
                "133153891305900436900955798933393314973",
                "249273827103702677874325570121234344396",
                "229162520623235065258140088734823300782",
                "74490835845961382400778818603400143635",
                "306358284737391028742449182024578498023"
            ],
            "threshold": 0.9
        }
    },
    {
        "deprecated": false,
        "target": {
            "file": "snmplib/snmpusm.c",
            "function": "init_usm"
        },
        "id": "CVE-2019-20892-d1526ea7",
        "signature_type": "Function",
        "source": "https://github.com/net-snmp/net-snmp/commit/5f881d3bf24599b90d67a45cae7a3eb099cd71c9",
        "signature_version": "v1",
        "digest": {
            "function_hash": "280782372303714082953061013312602056696",
            "length": 2108.0
        }
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-20892.json"