OSV-2025-132

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/net-snmp/OSV-2025-132.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2025-132
Published
2025-02-17T00:01:01.920904Z
Modified
2025-03-18T00:33:26.648884Z
Summary
Heap-use-after-free in netsnmp_hex_to_binary
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=396777457

Crash type: Heap-use-after-free READ 1
Crash state:
netsnmp_hex_to_binary
snmpv3_parse_arg
netsnmp_parse_args
References

Affected packages

OSS-Fuzz / net-snmp

Package

Name
net-snmp
Purl
pkg:generic/net-snmp

Affected ranges

Type
GIT
Repo
https://github.com/net-snmp/net-snmp
Events
Introduced
a6d63f416b3fe3011a3d11559ddf29ecf01a1667
Fixed
cbedf0cba170b967ab312ebc794eabdd6f67c6d5
Fixed
6af1dd2e6ab3820d949e24bc640bdcd75a05e48f

Ecosystem specific 

{
    "severity": "HIGH"
}

Database specific 

{
    "introduced_range": "1109b6fd408e1c8b03e6ccfdcbe70c2ad0412c13:f720ed11acffa6425694ee3ac5144035aa094716"
}