nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon’s (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | glibc | < 2.36-9+deb12u7 | glibc_2.36-9+deb12u7_all.deb |
Debian | 11 | all | glibc | < 2.31-13+deb11u10 | glibc_2.31-13+deb11u10_all.deb |
Debian | 10 | all | glibc | <= 2.28-10+deb10u1 | glibc_2.28-10+deb10u1_all.deb |
Debian | 999 | all | glibc | < 2.37-19 | glibc_2.37-19_all.deb |
Debian | 13 | all | glibc | < 2.37-19 | glibc_2.37-19_all.deb |