nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon’s (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | glibc | < 2.36-9+deb12u7 | glibc_2.36-9+deb12u7_all.deb |
Debian | 11 | all | glibc | < 2.31-13+deb11u10 | glibc_2.31-13+deb11u10_all.deb |
Debian | 10 | all | glibc | <= 2.28-10+deb10u1 | glibc_2.28-10+deb10u1_all.deb |
Debian | 999 | all | glibc | < 2.37-19 | glibc_2.37-19_all.deb |
Debian | 13 | all | glibc | < 2.37-19 | glibc_2.37-19_all.deb |