[USN-7944-1] Net-SNMP vulnerability

noreply+usn-bot Wed, 07 Jan 2026 09:16:20 -0800

==========================================================================
Ubuntu Security Notice USN-7944-1
January 07, 2026


net-snmp vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.10
- Ubuntu 25.04
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

Net-SNMP could be made to crash if it received specially crafted
input.

Software Description:
- net-snmp: SNMP (Simple Network Management Protocol) server and applications

Details:

Bahae Bahrini discovered that Net-SNMP could be made to write out of 
bounds. If a user or an automated system were tricked into opening a 
specially crafted input file, a remote attacker could possibly use 
this issue to cause a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.10
  libsnmp40t64                    5.9.4+dfsg-2ubuntu2.1
  snmp                            5.9.4+dfsg-2ubuntu2.1
  snmpd                           5.9.4+dfsg-2ubuntu2.1

Ubuntu 25.04
  libsnmp40t64                    5.9.4+dfsg-1.1ubuntu7.1
  snmp                            5.9.4+dfsg-1.1ubuntu7.1
  snmpd                           5.9.4+dfsg-1.1ubuntu7.1

Ubuntu 24.04 LTS
  libsnmp40t64                    5.9.4+dfsg-1.1ubuntu3.2
  snmp                            5.9.4+dfsg-1.1ubuntu3.2
  snmpd                           5.9.4+dfsg-1.1ubuntu3.2

Ubuntu 22.04 LTS
  libsnmp40                       5.9.1+dfsg-1ubuntu2.9
  snmp                            5.9.1+dfsg-1ubuntu2.9
  snmpd                           5.9.1+dfsg-1ubuntu2.9

Ubuntu 20.04 LTS
  libsnmp35                       5.8+dfsg-2ubuntu2.9+esm2
                                  Available with Ubuntu Pro
  snmp                            5.8+dfsg-2ubuntu2.9+esm2
                                  Available with Ubuntu Pro
  snmpd                           5.8+dfsg-2ubuntu2.9+esm2
                                  Available with Ubuntu Pro

Ubuntu 18.04 LTS
  libsnmp30                       5.7.3+dfsg-1.8ubuntu3.8+esm1
                                  Available with Ubuntu Pro
  snmp                            5.7.3+dfsg-1.8ubuntu3.8+esm1
                                  Available with Ubuntu Pro
  snmpd                           5.7.3+dfsg-1.8ubuntu3.8+esm1
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  libsnmp30                       5.7.3+dfsg-1ubuntu4.6+esm2
                                  Available with Ubuntu Pro
  snmp                            5.7.3+dfsg-1ubuntu4.6+esm2
                                  Available with Ubuntu Pro
  snmpd                           5.7.3+dfsg-1ubuntu4.6+esm2
                                  Available with Ubuntu Pro

Ubuntu 14.04 LTS
  libsnmp30                       5.7.2~dfsg-8.1ubuntu3.3+esm4
                                  Available with Ubuntu Pro
  snmp                            5.7.2~dfsg-8.1ubuntu3.3+esm4
                                  Available with Ubuntu Pro
  snmpd                           5.7.2~dfsg-8.1ubuntu3.3+esm4
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7944-1
  CVE-2025-68615

Package Information:
  https://launchpad.net/ubuntu/+source/net-snmp/5.9.4+dfsg-2ubuntu2.1
  https://launchpad.net/ubuntu/+source/net-snmp/5.9.4+dfsg-1.1ubuntu7.1
  https://launchpad.net/ubuntu/+source/net-snmp/5.9.4+dfsg-1.1ubuntu3.2
  https://launchpad.net/ubuntu/+source/net-snmp/5.9.1+dfsg-1ubuntu2.9

signature.asc
Description: OpenPGP digital signature

[USN-7944-1] Net-SNMP vulnerability

Reply via email to