Lucene search

K
ubuntucveUbuntu.comUB:CVE-2024-33602
HistoryMay 06, 2024 - 12:00 a.m.

CVE-2024-33602

2024-05-0600:00:00
ubuntu.com
ubuntu.com
10
nscd
netgroup cache
vulnerability
nss callback

6.1 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.0%

nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name
Service Cache Daemon’s (nscd) netgroup cache can corrupt memory when the
NSS callback does not store all strings in the provided buffer. The flaw
was introduced in glibc 2.15 when the cache was added to nscd. This
vulnerability is only present in the nscd binary.

Notes

Author Note
mdeslaur same commits as CVE-2024-33601
OSVersionArchitecturePackageVersionFilename
ubuntu14.04noarcheglibc< anyUNKNOWN
ubuntu18.04noarchglibc< 2.27-3ubuntu1.6+esm3UNKNOWN
ubuntu20.04noarchglibc< 2.31-0ubuntu9.16UNKNOWN
ubuntu22.04noarchglibc< 2.35-0ubuntu3.8UNKNOWN
ubuntu23.10noarchglibc< 2.38-1ubuntu6.3UNKNOWN
ubuntu24.04noarchglibc< 2.39-0ubuntu8.2UNKNOWN
ubuntu16.04noarchglibc< 2.23-0ubuntu11.3+esm7UNKNOWN