5.206. net-snmp

Updated net-snmp packages that fix one bug are now available for Red Hat Enterprise Linux 6.
The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol (SNMP), including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base (MIB) browser.

Bug Fix

BZ#836252
Prior to this update, there was a limit of 50 'exec' entries in the /etc/snmp/snmpd.conf file. With more than 50 such entries in the configuration file, the snmpd daemon returned the "Error: No further UCD-compatible entries" error message to the system log. With this update, this limit has been removed and there can now be any number of 'exec' entries in the snmpd configuration file, thus preventing this bug.
All users of net-snmp are advised to upgrade to these updated packages, which fix this bug.

Updated net-snmp packages that fix one security issue and multiple bugs are now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) associated with each description below.

Security Fix

CVE-2012-2141
An array index error, leading to an out-of-bounds buffer read flaw, was found in the way the net-snmp agent looked up entries in the extension table. A remote attacker with read privileges to a Management Information Base (MIB) subtree handled by the extend directive (in /etc/snmp/snmpd.conf) could use this flaw to crash snmpd via a crafted SNMP GET request.
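
Because the flaw is only reachable by a requester with read access to a subtree served by the extend directive, a useful check is to list which communities in snmpd.conf have that access. The following is an added example, not part of the advisory or of net-snmp: it assumes numeric OIDs, looks only at rocommunity/rwcommunity and view lines (no com2sec/group/access or SNMPv3 users, no view masks), and the sample configuration, community names and script path are constructed.

```python
# NET-SNMP-EXTEND-MIB::nsExtendObjects, the default root for 'extend' output
NS_EXTEND = (1, 3, 6, 1, 4, 1, 8072, 1, 3, 2)

SAMPLE = """\
# constructed snmpd.conf, not taken from the advisory
view noextend   included .1
view noextend   excluded .1.3.6.1.4.1.8072.1.3.2
view everything included .1
rocommunity nms-full 10.0.0.0/24
rocommunity nms-mib2 10.0.0.0/24 .1.3.6.1.2.1
rocommunity nms-safe 10.0.0.0/24 -V noextend
rocommunity nms-view 10.0.0.0/24 -V everything
extend diskcheck /usr/local/bin/diskcheck.sh
"""

def oid(text):
    return tuple(int(part) for part in text.strip(".").split("."))

def view_allows(rules, target):
    """The longest view subtree that is a prefix of target decides (masks ignored)."""
    best = max((r for r in rules if target[:len(r[0])] == r[0]),
               key=lambda r: len(r[0]), default=None)
    return best is not None and best[1] == "included"

def audit(conf_text):
    """Return (extend names, communities able to read an extend subtree root)."""
    lines = [l.split("#", 1)[0].split() for l in conf_text.splitlines()]
    lines = [t for t in lines if t]
    views, extends, exposed = {}, {}, []
    for t in lines:
        if t[0] == "view" and len(t) >= 4:
            views.setdefault(t[1], []).append((oid(t[3]), t[2]))
        elif t[0] == "extend" and len(t) >= 3:
            custom = t[1][0] in ".0123456789"      # optional MIBOID argument
            extends[t[2] if custom else t[1]] = oid(t[1]) if custom else NS_EXTEND
    for t in lines:
        if t[0] not in ("rocommunity", "rwcommunity") or len(t) < 2:
            continue
        if len(t) >= 5 and t[3] == "-V":
            rules = views.get(t[4], [])             # named view
        elif len(t) >= 4:
            rules = [(oid(t[3]), "included")]       # single-OID restriction
        else:
            rules = [((), "included")]              # unrestricted: whole tree
        if any(view_allows(rules, root) for root in extends.values()):
            exposed.append(t[1])
    return sorted(extends), exposed

if __name__ == "__main__":
    print(audit(SAMPLE))
```

On the constructed sample, nms-full and nms-view are reported because they can read the extend subtree, while nms-mib2 and nms-safe are not.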

Bug Fixes

BZ#736580
In the previous update, a change was made in order to stop snmpd terminating unexpectedly when an AgentX subagent disconnected while processing a request. This fix, however, introduced a memory leak. With this update, this memory leak is fixed.
BZ#740172
In a previous update, a new BRIDGE-MIB was implemented in the net-snmp-perl subpackage. This MIB used incorrect conversion of interface-index values from the kernel and reported incorrect values of ifIndex OIDs (object identifiers). With this update, conversion of interface indexes is fixed and BRIDGE-MIB reports correct ifIndex OIDs.
BZ#746903
Previously, snmpd erroneously enabled verbose logging when parsing the proxy option in the snmpd.conf file. Consequently, unexpected debug messages were sometimes written to the system log. With this update, snmpd no longer modifies logging settings when parsing the proxy option. As a result, no debug messages are sent to the system log unless explicitly enabled by the system administrator.
BZ#748410
Previously, the snmpd daemon strictly implemented RFC 2780. However, this specification no longer scales well with modern big storage devices with small allocation units. Consequently, snmpd reported a wrong value for the HOST-RESOURCES-MIB::hrStorageSize object when working with a large file system (larger than 16TB), because the accurate value did not fit into Integer32 as specified in the RFC. To address this problem, this update adds a new option to the /etc/snmp/snmpd.conf configuration file, realStorageUnits. By changing the value of this option to 0, users can now enable recalculation of all values in hrStorageTable to ensure that the multiplication of hrStorageSize and hrStorageAllocationUnits always produces an accurate device size. The values of hrStorageAllocationUnits are then artificial in this case and no longer represent the real size of the allocation unit on the storage device.
BZ#748411, BZ#755481, BZ#757685
In the previous net-snmp update, the implementation of HOST-RESOURCES-MIB::hrStorageTable was rewritten and devices with Veritas File System (VxFS), ReiserFS, and Oracle Cluster File System (OCFS2) were not reported. In this update, snmpd properly recognizes VxFS, ReiserFS, and OCFS2 devices and reports them in HOST-RESOURCES-MIB::hrStorageTable.
BZ#748907
Prior to this update, the Net-SNMP Perl module did not properly evaluate error codes in the register() method in the NetSNMP::agent module and terminated unexpectedly when this method failed. With this update, the register() method has been fixed and the updated Perl modules no longer crash on failure.
BZ#749227
The SNMP daemon (snmpd) did not properly fill a set of watched socket file descriptors. Therefore, the daemon sometimes terminated unexpectedly with the select: bad file descriptor error message when more than 32 AgentX subagents connected to snmpd on 32-bit platforms or more than 64 subagents on 64-bit platforms. With this update, snmpd properly clears sets of watched file descriptors and no longer crashes when handling a large number of subagents.
BZ#754275
Previously, snmpd erroneously checked the length of SNMP-TARGET-MIB::snmpTargetAddrRowStatus value in incoming SNMP-SET requests on 64-bit platforms. Consequently, snmpd sent an incorrect reply to the SNMP-SET request. With this update, the check of SNMP-TARGET-MIB::snmpTargetAddrRowStatus is fixed and it is possible to set it remotely using SNMP-SET messages.
BZ#754971
Previously, snmpd did not check the permissions of its MIB index files stored in the /var/lib/net-snmp/mib_indexes directory and assumed it could read them. If the read access was denied, for example due to incorrect SELinux contexts on these files, snmpd crashed. With this update, snmpd checks if its MIB index files were correctly opened and does not crash if they cannot be opened.
BZ#786931
Before this release, the length of the OID parameter of sysObjectID (an snmpd.conf config file option) was not correctly stored in snmpd, which resulted in SNMPv2-MIB::sysObjectID being truncated if the OID had more than 10 components. In this update, handling of the OID length is fixed and SNMPv2-MIB::sysObjectID is returned correctly.
BZ#788954
Prior to this update, when snmpd was started and did not find a network interface which had been present during the last snmpd shutdown, the following error message was logged:
snmpd: error finding row index in _ifXTable_container_row_restore 
This happened on systems which dynamically create and remove network interfaces on demand, such as virtual hosts or PPP servers. In this update, this message has been removed and no longer appears in the system log.
BZ#789909
Previously, snmpd enumerated active TCP connections for TCP-MIB::tcpConnectionTable in an inefficient way with O(n^2) complexity. With many TCP connections, an SNMP client could time out before snmpd processed a request regarding the tcpConnectionTable and sent a response. This update improves the enumeration mechanism and snmpd now swiftly responds to SNMP requests in the tcpConnectionTable.
BZ#799291
When an object identifier (OID) was out of the subtree registered by the proxy statement in the /etc/snmp/snmpd.conf configuration file, the previous version of the snmpd daemon failed to use a correct OID of proxied GETNEXT requests. With this update, snmpd now adjusts the OIDs of proxied GETNEXT requests correctly and sends correct requests to the remote agent as expected.
BZ#822480
Net-SNMP daemons and utilities use the /var/lib/net-snmp directory to store persistent data, for example the cache of parsed MIB files. This directory is created by the net-snmp package and when this package is not installed, Net-SNMP utilities and libraries create the directory with the wrong SELinux context, which results in an Access Vector Cache (AVC) error reported by SELinux. In this update, the /var/lib/net-snmp directory is created by the net-snmp-lib package, therefore all Net-SNMP utilities and libraries do not need to create the directory and the directory will have the correct SELinux context.
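
The Integer32 limit described under BZ#748410 can be worked through with numbers. The following is an added example, not net-snmp code: the power-of-two rescaling is an assumed scheme that illustrates the recalculation the realStorageUnits option enables, truncation is shown as one way a wrong value can arise, and the 20 TiB file system is constructed.

```python
INT32_MAX = 2**31 - 1   # largest value an SNMP Integer32 can carry

def as_integer32(value):
    """What a 32-bit signed field holds if a larger count is truncated into it."""
    value &= 0xFFFFFFFF
    return value - 2**32 if value > INT32_MAX else value

def rescale_row(alloc_units, size, used):
    """Double the unit and halve the counts until hrStorageSize fits Integer32.

    Assumed scheme (power-of-two scaling), not net-snmp's own code. Counts are
    rounded down, so the product can fall short of the real size by less than
    one scaled unit.
    """
    while size > INT32_MAX:
        alloc_units *= 2
        size //= 2
        used //= 2
    return alloc_units, size, used

def device_bytes(alloc_units, size):
    """Manager-side calculation: hrStorageAllocationUnits * hrStorageSize."""
    return alloc_units * size

# Constructed file system: 20 TiB of 4096-byte blocks, 25% used
REAL_UNITS = 4096
REAL_BLOCKS = 20 * 2**40 // REAL_UNITS
REAL_USED = REAL_BLOCKS // 4

if __name__ == "__main__":
    wrong = as_integer32(REAL_BLOCKS)
    print("truncated :", REAL_UNITS, wrong, device_bytes(REAL_UNITS, wrong))
    units, size, used = rescale_row(REAL_UNITS, REAL_BLOCKS, REAL_USED)
    print("rescaled  :", units, size, used, device_bytes(units, size))
```

After rescaling, the allocation unit (16384 here) is artificial, as the entry notes, so a monitoring system should use it only as a multiplier and not as the device's real block size.
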
All users of net-snmp are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. After installing the update, the snmpd and snmptrapd daemons will be restarted automatically.

Updated net-snmp packages that fix one bug are now available for Red Hat Enterprise Linux 6 Extended Update Support.

Bug Fix

BZ#986192
In previous Net-SNMP releases, snmpd reported an invalid speed of network interfaces in IF-MIB::ifTable and IF-MIB::ifXTable if the interface had a speed other than 10, 100, 1000 or 2500 MB/s. Thus, the net-snmp ifHighSpeed value returned was "0" compared to the correct speed as reported in ethtool, if the Virtual Connect speed was set to, for example, 0.9 Gb/s. With this update, the ifHighSpeed value returns the correct speed as reported in ethtool, and snmpd correctly reports non-standard network interface speeds.
Users of net-snmp are advised to upgrade to these updated packages, which fix this bug.

Updated net-snmp packages that fix one bug are now available for Red Hat Enterprise Linux 6 Extended Update Support.

Bug Fix

BZ#1002859
When an AgentX subagent disconnected from the SNMP daemon (snmpd), the daemon did not properly check that there were no active requests queued in the subagent and destroyed the session. Consequently, the session was referenced by snmpd later when processing queued requests and because it was already destroyed, snmpd terminated unexpectedly with a segmentation fault or looped indefinitely. This update adds several checks to prevent the destruction of sessions with active requests, and snmpd no longer crashes in the described scenario.
Users of net-snmp are advised to upgrade to these updated packages, which fix this bug.