CVE-2019-20892

Priority
Description
net-snmp before 5.8.1.pre1 has a double free in usm_free_usmStateReference
in snmplib/snmpusm.c via an SNMPv3 GetBulk request. NOTE: this affects
net-snmp packages shipped to end users by multiple Linux distributions, but
might not affect an upstream release.
Notes
mdeslaurPossibly affects 5.8 only.
Could not reproduce crash in eoan and earlier, marking as
not-affected.
More Information

Updated: 2020-07-28 20:07:23 UTC (commit d26b6ca9f5b3adb89bb036ce73ae7dab894935ec)