{"id":"CVE-2025-68615","summary":"Net-SNMP snmptrapd crash","details":"net-snmp is a SNMP application library, tools and daemon. Prior to versions 5.9.5 and 5.10.pre2, a specially crafted packet to an net-snmp snmptrapd daemon can cause a buffer overflow and the daemon to crash. This issue has been patched in versions 5.9.5 and 5.10.pre2.","aliases":["GHSA-4389-rwqf-q9gq"],"modified":"2026-04-16T04:31:49.816417621Z","published":"2025-12-22T23:55:30.138Z","related":["ALSA-2026:0668","ALSA-2026:0696","ALSA-2026:0750","SUSE-SU-2026:0195-1","SUSE-SU-2026:0225-1","SUSE-SU-2026:0227-1","SUSE-SU-2026:0227-2","SUSE-SU-2026:0228-1","SUSE-SU-2026:20267-1","SUSE-SU-2026:20359-1","SUSE-SU-2026:20751-1","SUSE-SU-2026:20901-1","openSUSE-SU-2026:10157-1","openSUSE-SU-2026:20383-1"],"database_specific":{"cwe_ids":["CWE-119"],"cna_assigner":"GitHub_M","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68615.json"},"references":[{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/01/09/2"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2026/01/msg00000.html"},{"type":"WEB","url":"https://www.vicarius.io/vsociety/posts/cve-2025-68615-detection-script-buffer-overflow-vulnerability-affecting-net-snmp"},{"type":"WEB","url":"https://www.vicarius.io/vsociety/posts/cve-2025-68615-mitigation-script-buffer-overflow-vulnerability-affecting-net-snmp"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68615.json"},{"type":"ADVISORY","url":"https://github.com/net-snmp/net-snmp/security/advisories/GHSA-4389-rwqf-q9gq"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-68615"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/net-snmp/net-snmp","events":[{"introduced":"0"},{"fixed":"95ce5af8b59ce02d458da818b4d71606d5b161f4"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"5.9.5"}]}},{"type":"GIT","repo":"https://github.com/net-snmp/net-snmp","events":[{"introduced":"202ea1c6c8b2b52b238cd60696d90d4c8e9e62c6"},{"fixed":"7dac09335486a11ae0fdbebd4fd61a57b122cd5d"}],"database_specific":{"versions":[{"introduced":"5.10.pre1"},{"fixed":"5.10.pre2"}]}}],"versions":["v3.0","v3.0.1","v3.0.2","v3.0.2.1","v3.0.3","v3.0.4","v3.0.5","v3.0.6","v3.0.7","v3.0.7.1","v3.0.7.2","v3.1","v3.1.0.1","v3.1.1","v3.1.2","v3.1.2.1","v3.1.3","v3.2","v3.3","v3.4","v3.5","v3.6","v3.6.1","v4.0","v4.0.1","v4.1","v4.1.1","v4.2","v5.0","v5.0.1","v5.0.11.1","v5.0.2","v5.0.3","v5.0.4","v5.0.5","v5.0.6","v5.0.7","v5.1","v5.1.4.1","v5.10.pre1","v5.2","v5.3","v5.4","v5.5","v5.5.pre1","v5.5.pre2","v5.5.pre3","v5.5.rc1","v5.5.rc2","v5.5.rc3","v5.6","v5.6.pre1","v5.6.pre2","v5.6.pre3","v5.6.rc1","v5.6.rc2","v5.6.rc3","v5.7","v5.7.pre1","v5.7.pre2","v5.7.rc1","v5.7.rc2","v5.7.rc3","v5.8","v5.8.1.pre1","v5.8.1.pre2","v5.8.1.rc1","v5.8.pre1","v5.8.pre2","v5.8.pre3","v5.8.rc1","v5.8.rc2","v5.8.rc3","v5.8.rc4","v5.9","v5.9.1","v5.9.1.pre1","v5.9.1.rc1","v5.9.2","v5.9.2.pre1","v5.9.2.rc1","v5.9.2.rc2","v5.9.4","v5.9.4.pre2","v5.9.4.pre3","v5.9.4.rc1","v5.9.rc2","v5.9.verfix"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-68615.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}