CVE-2017-16820 - OpenCVE

The csnmp_read_table function in snmp.c in the SNMP plugin in collectd before 5.6.3 is susceptible to a double free in a certain error case, which could lead to a crash (or potentially have other impact).

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Collectd	Collectd

Configuration 1 [-]

cpe:2.3:a:collectd:collectd:*:*:*:*:*:*:*:*

References

Link	Resource
https://access.redhat.com/errata/RHSA-2018:0252
https://access.redhat.com/errata/RHSA-2018:0299
https://access.redhat.com/errata/RHSA-2018:0560
https://access.redhat.com/errata/RHSA-2018:1605
https://access.redhat.com/errata/RHSA-2018:2615
https://bugs.debian.org/881757	Issue Tracking Third Party Advisory
https://github.com/collectd/collectd/commit/d16c24542b2f96a194d43a73c2e5778822b9cb47	Issue Tracking Patch Third Party Advisory
https://github.com/collectd/collectd/issues/2291	Issue Tracking Third Party Advisory
https://github.com/collectd/collectd/releases/tag/collectd-5.6.3	Issue Tracking Third Party Advisory
https://security.gentoo.org/glsa/201803-10

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2017-11-14T21:00:00

Updated: 2018-09-04T09:57:01

Reserved: 2017-11-14T00:00:00

Link: CVE-2017-16820

JSON object: View

NVD Information

Status : Modified

Published: 2017-11-14T21:29:00.433

Modified: 2018-09-04T10:29:00.277

Link: CVE-2017-16820

JSON object: View

Redhat Information

No data.

CWE

CWE-415

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-11-14T00:00:00", "descriptions": [{"lang": "en", "value": "The csnmp_read_table function in snmp.c in the SNMP plugin in collectd before 5.6.3 is susceptible to a double free in a certain error case, which could lead to a crash (or potentially have other impact)."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-09-04T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "RHSA-2018:0252", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:0252"}, {"name": "GLSA-201803-10", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201803-10"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugs.debian.org/881757"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/collectd/collectd/issues/2291"}, {"name": "RHSA-2018:0560", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:0560"}, {"name": "RHSA-2018:1605", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:1605"}, {"name": "RHSA-2018:2615", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:2615"}, {"name": "RHSA-2018:0299", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:0299"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/collectd/collectd/releases/tag/collectd-5.6.3"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/collectd/collectd/commit/d16c24542b2f96a194d43a73c2e5778822b9cb47"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-16820", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The csnmp_read_table function in snmp.c in the SNMP plugin in collectd before 5.6.3 is susceptible to a double free in a certain error case, which could lead to a crash (or potentially have other impact)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "RHSA-2018:0252", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0252"}, {"name": "GLSA-201803-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201803-10"}, {"name": "https://bugs.debian.org/881757", "refsource": "CONFIRM", "url": "https://bugs.debian.org/881757"}, {"name": "https://github.com/collectd/collectd/issues/2291", "refsource": "CONFIRM", "url": "https://github.com/collectd/collectd/issues/2291"}, {"name": "RHSA-2018:0560", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0560"}, {"name": "RHSA-2018:1605", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1605"}, {"name": "RHSA-2018:2615", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2615"}, {"name": "RHSA-2018:0299", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0299"}, {"name": "https://github.com/collectd/collectd/releases/tag/collectd-5.6.3", "refsource": "CONFIRM", "url": "https://github.com/collectd/collectd/releases/tag/collectd-5.6.3"}, {"name": "https://github.com/collectd/collectd/commit/d16c24542b2f96a194d43a73c2e5778822b9cb47", "refsource": "CONFIRM", "url": "https://github.com/collectd/collectd/commit/d16c24542b2f96a194d43a73c2e5778822b9cb47"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-16820", "datePublished": "2017-11-14T21:00:00", "dateReserved": "2017-11-14T00:00:00", "dateUpdated": "2018-09-04T09:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:collectd:collectd:*:*:*:*:*:*:*:*", "matchCriteriaId": "D0C6B755-5FC2-403F-8EB8-CFC784BBA56C", "versionEndExcluding": "5.6.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The csnmp_read_table function in snmp.c in the SNMP plugin in collectd before 5.6.3 is susceptible to a double free in a certain error case, which could lead to a crash (or potentially have other impact)."}, {"lang": "es", "value": "La funci\u00f3n csnmp_read_table en snmp.c en el plugin SNMP en collectd, en versiones anteriores a la 5.6.3, es susceptible a una doble liberaci\u00f3n (double free) en un cierto caso de error, lo que podr\u00eda conducir a un cierre inesperado (o, potencialmente, provocar otro impacto)."}], "id": "CVE-2017-16820", "lastModified": "2018-09-04T10:29:00.277", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-11-14T21:29:00.433", "references": [{"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2018:0252"}, {"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2018:0299"}, {"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2018:0560"}, {"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2018:1605"}, {"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2018:2615"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugs.debian.org/881757"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/collectd/collectd/commit/d16c24542b2f96a194d43a73c2e5778822b9cb47"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://github.com/collectd/collectd/issues/2291"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://github.com/collectd/collectd/releases/tag/collectd-5.6.3"}, {"source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201803-10"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-415"}], "source": "nvd@nist.gov", "type": "Primary"}]}