Insufficient ASN.1 Length Checks in SNMP NAT Module Leading to OOPS or Local Privilege Escalation

Insufficient ASN.1 Length Checks in SNMP NAT Module Leading to OOPS or Local Privilege Escalation

CVE-2019-9162 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

In the Linux kernel before 4.20.12, net/ipv4/netfilter/nf_nat_snmp_basic_main.c in the SNMP NAT module has insufficient ASN.1 length checks (aka an array index error), making out-of-bounds read and write operations possible, leading to an OOPS or local privilege escalation. This affects snmp_version and snmp_helper.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.