ALPINE-CVE-2022-44792 — Vulnetix

Try Vulnetix Request Demo

ALPINE-CVE-2022-44792 PUBLISHED CVSS 6.5 MEDIUM

handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.8 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker (who has write access) to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.

Risk Scores

CVSS v3.1

6.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Alpine:v3.21	net-snmp	5.9.1-r7, 5.9.3-r0, 5.9.3-r1
Alpine:v3.20	net-snmp	5.9.1-r7, 5.9.3-r0, 5.9.3-r1
Alpine:v3.22	net-snmp	5.9.1-r4, 0, 5.4.2.1-r0
Alpine:v3.18	net-snmp	5.7.2-r0, 5.7.3-r9, 5.8-r0
Alpine:v3.14	net-snmp	5.7.3-r1, 5.7.3-r4, 5.7.3-r5
Alpine:v3.23	net-snmp	5.8-r1, 5.8-r2, 5.8-r3
Alpine:v3.16	net-snmp	5.9.1-r0, 0, 5.4.2.1-r0
Alpine:v3.15	net-snmp	0, 5.4.2.1-r0, 5.4.2.1-r1
Alpine:v3.19	net-snmp	5.7.3-r11, 5.7.3-r10, 5.7.3-r1
Alpine:v3.17	net-snmp	5.7.3-r11, 5.7.3-r10, 5.7.3-r1

Timeline

Nov 7, 2022 CVE Published
Dec 3, 2025 CVE Updated
Apr 30, 2026 Distribution Patch

References

https://security.alpinelinux.org/vuln/CVE-2022-44792 advisory

Open in Interactive Console →