It was discovered that the snmp_pdu_parse() mishandles error codes and is vulnerable to a heap corruption within the parsing of the PDU prior to the authentication process. A remote, unauthenticated attacker could use this flaw to crash snmpd or, potentially, execute arbitrary code on the system with the privileges of the user running snmpd.
The version 5.7.2 was vulnerable to a heap corruption within the parsing of the PDU prior to the authentication process.
Created net-snmp tracking bugs for this issue:
Affects: fedora-all [bug 1552845]
The "upstream patch" linked in Comment 0 is the same as for Bug 1212408, which was CVE-2015-5621.
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 6
Via RHSA-2015:1636: https://access.redhat.com/errata/RHSA-2015:1636