nscd: Stack-based buffer overflow in netgroup cache If the Name Service
Cache Daemon’s (nscd) fixed size cache is exhausted by client requests then
a subsequent client request for netgroup data may result in a stack-based
buffer overflow. This flaw was introduced in glibc 2.15 when the cache was
added to nscd. This vulnerability is only present in the nscd binary.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 14.04 | noarch | eglibc | < any | UNKNOWN |
ubuntu | 18.04 | noarch | glibc | < 2.27-3ubuntu1.6+esm3 | UNKNOWN |
ubuntu | 20.04 | noarch | glibc | < 2.31-0ubuntu9.16 | UNKNOWN |
ubuntu | 22.04 | noarch | glibc | < 2.35-0ubuntu3.8 | UNKNOWN |
ubuntu | 23.10 | noarch | glibc | < 2.38-1ubuntu6.3 | UNKNOWN |
ubuntu | 24.04 | noarch | glibc | < 2.39-0ubuntu8.2 | UNKNOWN |
ubuntu | 16.04 | noarch | glibc | < 2.23-0ubuntu11.3+esm7 | UNKNOWN |
inbox.sourceware.org/libc-alpha/[email protected]/
launchpad.net/bugs/cve/CVE-2024-33599
nvd.nist.gov/vuln/detail/CVE-2024-33599
security-tracker.debian.org/tracker/CVE-2024-33599
ubuntu.com/security/notices/USN-6804-1
www.cve.org/CVERecord?id=CVE-2024-33599
www.openwall.com/lists/oss-security/2024/04/24/2