nscd: netgroup cache may terminate daemon on memory allocation failure The
Name Service Cache Daemon’s (nscd) netgroup cache uses xmalloc or xrealloc
and these functions may terminate the process due to a memory allocation
failure resulting in a denial of service to the clients. The flaw was
introduced in glibc 2.15 when the cache was added to nscd. This
vulnerability is only present in the nscd binary.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 14.04 | noarch | eglibc | < any | UNKNOWN |
ubuntu | 18.04 | noarch | glibc | < 2.27-3ubuntu1.6+esm3 | UNKNOWN |
ubuntu | 20.04 | noarch | glibc | < 2.31-0ubuntu9.16 | UNKNOWN |
ubuntu | 22.04 | noarch | glibc | < 2.35-0ubuntu3.8 | UNKNOWN |
ubuntu | 23.10 | noarch | glibc | < 2.38-1ubuntu6.3 | UNKNOWN |
ubuntu | 24.04 | noarch | glibc | < 2.39-0ubuntu8.2 | UNKNOWN |
ubuntu | 16.04 | noarch | glibc | < 2.23-0ubuntu11.3+esm7 | UNKNOWN |
inbox.sourceware.org/libc-alpha/[email protected]/
launchpad.net/bugs/cve/CVE-2024-33601
nvd.nist.gov/vuln/detail/CVE-2024-33601
security-tracker.debian.org/tracker/CVE-2024-33601
ubuntu.com/security/notices/USN-6804-1
www.cve.org/CVERecord?id=CVE-2024-33601
www.openwall.com/lists/oss-security/2024/04/24/2