{"id":"CVE-2019-20892","details":"net-snmp before 5.8.1.pre1 has a double free in usm_free_usmStateReference in snmplib/snmpusm.c via an SNMPv3 GetBulk request. NOTE: this affects net-snmp packages shipped to end users by multiple Linux distributions, but might not affect an upstream release.","modified":"2026-04-11T14:11:14.413044Z","published":"2020-06-25T10:15:10.667Z","references":[{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202008-12"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/4410-1/"},{"type":"REPORT","url":"https://bugs.launchpad.net/ubuntu/+source/net-snmp/+bug/1877027"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1663027"},{"type":"FIX","url":"https://www.oracle.com/security-alerts/cpujan2021.html"},{"type":"FIX","url":"https://github.com/net-snmp/net-snmp/commit/5f881d3bf24599b90d67a45cae7a3eb099cd71c9"},{"type":"EVIDENCE","url":"https://sourceforge.net/p/net-snmp/bugs/2923/"},{"type":"EVIDENCE","url":"http://www.openwall.com/lists/oss-security/2020/06/25/4"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/net-snmp/net-snmp","events":[{"introduced":"0"},{"last_affected":"463235edcc53e2477efe35da717fab292741aab5"},{"fixed":"5f881d3bf24599b90d67a45cae7a3eb099cd71c9"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"5.8"}]}}],"versions":["v3.0","v3.0.1","v3.0.2","v3.0.2.1","v3.0.3","v3.0.4","v3.0.5","v3.0.6","v3.0.7","v3.0.7.1","v3.0.7.2","v3.1","v3.1.0.1","v3.1.1","v3.1.2","v3.1.2.1","v3.1.3","v3.2","v3.3","v3.4","v3.5","v3.6","v3.6.1","v4.0","v4.0.1","v4.1","v4.1.1","v4.2","v5.0","v5.0.1","v5.0.11.1","v5.0.2","v5.0.3","v5.0.4","v5.0.5","v5.0.6","v5.0.7","v5.1","v5.1.4.1","v5.2","v5.3","v5.4","v5.5","v5.5.pre1","v5.5.pre2","v5.5.pre3","v5.5.rc1","v5.5.rc2","v5.5.rc3","v5.6","v5.6.pre1","v5.6.pre2","v5.6.pre3","v5.6.rc1","v5.6.rc2","v5.6.rc3","v5.7","v5.7.pre1","v5.7.pre2","v5.7.rc1","v5.7.rc2","v5.7.rc3","v5.8","v5.8.pre1","v5.8.pre2","v5.8.pre3","v5.8.rc1","v5.8.rc2","v5.8.rc3","v5.8.rc4"],"database_specific":{"vanir_signatures":[{"deprecated":false,"source":"https://github.com/net-snmp/net-snmp/commit/5f881d3bf24599b90d67a45cae7a3eb099cd71c9","signature_type":"Function","id":"CVE-2019-20892-382d164f","target":{"function":"_clone_pdu_header","file":"snmplib/snmp_client.c"},"digest":{"length":1698,"function_hash":"140177603995878720991195551689799129618"},"signature_version":"v1"},{"deprecated":false,"source":"https://github.com/net-snmp/net-snmp/commit/5f881d3bf24599b90d67a45cae7a3eb099cd71c9","signature_type":"Line","id":"CVE-2019-20892-5333c152","target":{"file":"snmplib/snmpusm.c"},"digest":{"line_hashes":["44242992634025686115409545502120928476","29672997187899204588248216402839883043","40794116973937965067530691483828958859","132414243160031557982177198766023395101","305725171296417443372987251459616736940","175593073472431576251405895329683411445","287035748120865746564382429203163938637","26915744975623297004250391564358283780","103531736579679216853410519603960826911","265021316400814718833376606064233556991","199748301974971405245209158318257804530","196574635798182203035160887345760324828","123634601959712454489722241175334570171","186331237900610919361576066626885612475","254426379512619478811337930659412903544","106128518620748907713695403676523221318","27455802107373568368114353775119213963","180751480742087284200705330639104143788","324741654969520679044094707367129846028","277034873175065332979035382998353812755","312446659726961885171452558104658471296","330956671658082276948001970066774507964","308620508630188523687389350799315713632","231611819546873415251971449950058584428","164895656350574865052687335113615663447","133363327825204198443282752987767537554","183909225123220272610064491435452202287","246580444918460405508204234492900917192","120133148926244489050891959865597125416","84544450504787606045186063168188308394","258480738828067149461215868270467629626","200281615836911523953703462310525338383","154808664236195465024505904650726730672","163254431129950724490533090278976514982","173325409493447389001449165376081877882","63932343873398434131318958950339079706","71061357178572249993894223874099466253","261802238718059722677624567276162217792","87797271725617132585865738775349286592"],"threshold":0.9},"signature_version":"v1"},{"deprecated":false,"source":"https://github.com/net-snmp/net-snmp/commit/5f881d3bf24599b90d67a45cae7a3eb099cd71c9","signature_type":"Function","id":"CVE-2019-20892-57223eb1","target":{"function":"usm_malloc_usmStateReference","file":"snmplib/snmpusm.c"},"digest":{"length":112,"function_hash":"159156942628545966179758038413846966703"},"signature_version":"v1"},{"deprecated":false,"source":"https://github.com/net-snmp/net-snmp/commit/5f881d3bf24599b90d67a45cae7a3eb099cd71c9","signature_type":"Function","id":"CVE-2019-20892-6d822333","target":{"function":"usm_free_usmStateReference","file":"snmplib/snmpusm.c"},"digest":{"length":759,"function_hash":"88064372202649158328320107912822422421"},"signature_version":"v1"},{"deprecated":false,"source":"https://github.com/net-snmp/net-snmp/commit/5f881d3bf24599b90d67a45cae7a3eb099cd71c9","signature_type":"Line","id":"CVE-2019-20892-81da526f","target":{"file":"snmplib/snmp_client.c"},"digest":{"line_hashes":["137896095288191195591564619137773233729","267484301248047181893885793648605803471","28906083445685974119879737775352735561","225505363771031082041171773542489953799","127773062946225179371899670915664919881","148527884924071986367937389607784222372","229361921883869757802187283366909677861","204465326253106719231605866198712229221","241137018290310320160035791315241935320","98321346952511963867742770113849008706","110223236143194705002654652711567162570","63927623152965480918902525393645277601","73090936670646882255427829759851757884","133153891305900436900955798933393314973","249273827103702677874325570121234344396","229162520623235065258140088734823300782","74490835845961382400778818603400143635","306358284737391028742449182024578498023"],"threshold":0.9},"signature_version":"v1"},{"deprecated":false,"source":"https://github.com/net-snmp/net-snmp/commit/5f881d3bf24599b90d67a45cae7a3eb099cd71c9","signature_type":"Function","id":"CVE-2019-20892-d1526ea7","target":{"function":"init_usm","file":"snmplib/snmpusm.c"},"digest":{"length":2108,"function_hash":"280782372303714082953061013312602056696"},"signature_version":"v1"}],"vanir_signatures_modified":"2026-04-11T14:11:14Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-20892.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"8.8"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}