Nixpkgs security tracker
Untriaged
Permalink
CVE-2025-68615
9.8 CRITICAL
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): NONE
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): HIGH
- Integrity impact (I): HIGH
- Availability impact (A): HIGH
Activity log
- Created suggestion
Net-SNMP snmptrapd crash
net-snmp is a SNMP application library, tools and daemon. Prior to versions 5.9.5 and 5.10.pre2, a specially crafted packet to an net-snmp snmptrapd daemon can cause a buffer overflow and the daemon to crash. This issue has been patched in versions 5.9.5 and 5.10.pre2.
References
-
https://github.com/net-snmp/net-snmp/security/advisories/GHSA-4389-rwqf-q9gq x_refsource_CONFIRM
Affected products
net-snmp
- ==>= 5.10.pre1, < 5.10.pre2
- ==< 5.9.5
Matching in nixpkgs
pkgs.net-snmp
Clients and server for the SNMP network monitoring protocol
pkgs.perlPackages.NetSNMP
Object oriented interface to SNMP
pkgs.perl5Packages.NetSNMP
Object oriented interface to SNMP
-
nixos-unstable -
- nixpkgs-unstable 6.0.1
pkgs.perl538Packages.NetSNMP
Object oriented interface to SNMP
-
nixos-unstable 6.0.1
pkgs.perl540Packages.NetSNMP
Object oriented interface to SNMP
-
nixos-unstable 6.0.1
pkgs.tests.pkg-config.defaultPkgConfigPackages.netsnmp
Test whether net-snmp-5.9.4 exposes pkg-config modules netsnmp