Insufficient ASN.1 Length Checks in SNMP NAT Module Leading to OOPS or Local Privilege Escalation
CVE-2019-9162 · HIGH Severity
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
In the Linux kernel before 4.20.12, net/ipv4/netfilter/nf_nat_snmp_basic_main.c in the SNMP NAT module has insufficient ASN.1 length checks (aka an array index error), making out-of-bounds read and write operations possible, leading to an OOPS or local privilege escalation. This affects snmp_version and snmp_helper.
Learn more about our Cis Benchmark Audit For Distribution Independent Linux.