Return
-
Title
Syslog-ng PE CVE-2025-68615 net-snmp -
Description
Is Syslog-ng PE impacted by CVE-2025-68615?
-
Cause
From NVD for CVE-2025-68615:
"net-snmp is a SNMP application library, tools and daemon. Prior to versions 5.9.5 and 5.10.pre2, a specially crafted packet to an net-snmp snmptrapd daemon can cause a buffer overflow and the daemon to crash. This issue has been patched in versions 5.9.5 and 5.10.pre2."
-
Resolution
Syslog-ng 8.x.x does not use the snmptrap daemon; therefore, it is not affected by this vulnerability.
-
Change Request
696256