Nixpkgs Security Tracker

Published

Permalink CVE-2025-68615

updated 3 weeks ago by @LeSuisse Activity log

Created automatic suggestion 3 weeks, 5 days ago
@LeSuisse removed
4 packages
- perlPackages.NetSNMP
- perl538Packages.NetSNMP
- perl540Packages.NetSNMP
- tests.pkg-config.defaultPkgConfigPackages.netsnmp
3 weeks, 5 days ago
@LeSuisse accepted 3 weeks ago
@LeSuisse published on GitHub 3 weeks ago

Net-SNMP snmptrapd crash

net-snmp is a SNMP application library, tools and daemon. Prior to versions 5.9.5 and 5.10.pre2, a specially crafted packet to an net-snmp snmptrapd daemon can cause a buffer overflow and the daemon to crash. This issue has been patched in versions 5.9.5 and 5.10.pre2.

References

Affected products

net-snmp

==< 5.9.5
==>= 5.10.pre1, < 5.10.pre2

Matching in nixpkgs

pkgs.net-snmp

Clients and server for the SNMP network monitoring protocol

nixos-unstable 5.9.5.2
- nixpkgs-unstable 5.9.5.2
- nixos-unstable-small 5.9.5.2
nixos-25.11 5.9.5.2
- nixos-25.11-small 5.9.5.2
- nixpkgs-25.11-darwin 5.9.4

Upstream advisory: https://github.com/net-snmp/net-snmp/security/advisories/GHSA-4389-rwqf-q9gq

Suggestions search

References

Affected products

Matching in nixpkgs

pkgs.net-snmp