9.8

CVE-2025-68615

Medienbericht
Exploit

Net-SNMP snmptrapd crash

net-snmp is a SNMP application library, tools and daemon. Prior to versions 5.9.5 and 5.10.pre2, a specially crafted packet to an net-snmp snmptrapd daemon can cause a buffer overflow and the daemon to crash. This issue has been patched in versions 5.9.5 and 5.10.pre2.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Net-snmpNet-snmp Version < 5.9.5
Net-snmpNet-snmp Version5.10 Updatepre1
DebianDebian Linux Version11.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 42.69% 0.985
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
security-advisories@github.com 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
VulnDex Intel
Media Report
22.04.2026 11:02
Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
VulnDex Intel
Media Report
02.03.2026 10:09
https://github.com/net-snmp/net-snmp/security/advisories/GHSA-4389-rwqf-q9gq
Vendor Advisory
https://lists.debian.org/debian-lts-announce/2026/01/msg00000.html
Vendor Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2026/01/09/2
Third Party Advisory
Mailing List
https://www.vicarius.io/vsociety/posts/cve-2025-68615-detection-script-buffer-overflow-vulnerability-affecting-net-snmp
Third Party Advisory
Exploit
Mitigation
https://www.vicarius.io/vsociety/posts/cve-2025-68615-mitigation-script-buffer-overflow-vulnerability-affecting-net-snmp
Third Party Advisory
Mitigation