Public bug reported: When net-snmp is given a certificate with an extension that is longer than 512 characters, snmp crashes on startup.
Steps to Reproduce: 1. Configure net-snmp using an EV certificate from a CA (in this case Globalsign). 2. Start snmpd. 3. Actual results: [root@localhost tls]# systemctl status snmpd.service ● snmpd.service - Simple Network Management Protocol (SNMP) Daemon. Loaded: loaded (/usr/lib/systemd/system/snmpd.service; disabled; vendor preset: disabled) Active: failed (Result: core-dump) since Wed 2020-12-16 21:21:59 SAST; 16min ago Process: 53269 ExecStart=/usr/sbin/snmpd $OPTIONS -f (code=dumped, signal=SEGV) Main PID: 53269 (code=dumped, signal=SEGV) Dec 16 21:21:57 localhost systemd[1]: Starting Simple Network Management Protocol (SNMP) Daemon.... Dec 16 21:21:58 localhost snmpd[53269]: refusing to read world readable or writable key /etc/snmp/tls/certs/snmpd.crt Dec 16 21:21:58 localhost snmpd[53269]: not enough space or error in allocation for extenstion Dec 16 21:21:59 localhost systemd[1]: snmpd.service: Main process exited, code=dumped, status=11/SEGV Dec 16 21:21:59 localhost systemd[1]: snmpd.service: Failed with result 'core-dump'. Dec 16 21:21:59 localhost systemd[1]: Failed to start Simple Network Management Protocol (SNMP) Daemon.. Expected results: Deamon starts without a crash. Additional info: Fix available here: https://github.com/net-snmp/net-snmp/pull/234 ** Affects: nagios-plugins (Ubuntu) Importance: Undecided Status: New ** Tags: patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1912389 Title: [Patch] SIGSEGV: crash when certificate contains extension longer than 512 bytes To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nagios-plugins/+bug/1912389/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
