Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 734994 (CVE-2020-15861, CVE-2020-15862)

Summary: <net-analyzer/net-snmp-5.8.1_pre1: Multiple vulnerabilities (CVE-2020-{15861,15862})
Product: Gentoo Security Reporter: David Denoncin <ddenoncin>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: major CC: netmon
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B1 [glsa+ cve]
Package list:
Runtime testing required: ---
Bug Depends on:    
Bug Blocks: 729610    

Description David Denoncin 2020-07-31 22:27:59 UTC
* CVE-2020-15861:

"snmpd runs as a low privileged user account. However, in combination with
the *snmp-mibs-downloader package* this protection can be bypassed and it is
possible for this account to elevate permissions to the root user.

This attack happens due to how snmpd handles symlinks."

Advisory:
 https://github.com/net-snmp/net-snmp/issues/145
Comment 1 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-08-24 01:05:15 UTC
* CVE-2020-15862

Description:
"Net-SNMP through 5.7.3 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root."

Patch: https://github.com/net-snmp/net-snmp/commit/77f6c60f57dba0aaea5d8ef1dd94bcd0c8e6d205 (which is in 5.8.1_pre1)

Tree seems clean so just need to glsa.
Comment 2 GLSAMaker/CVETool Bot gentoo-dev 2020-08-26 21:43:59 UTC
This issue was resolved and addressed in
 GLSA 202008-12 at https://security.gentoo.org/glsa/202008-12
by GLSA coordinator Sam James (sam_c).