|
Vulnerabilities
< Back

CVE-2024-33601

Updated on 06 May 2024

Severity

7.3 High severity

Details

CVSS score
7.3
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CWE ID
Links
NISTCIRCLRHELUbuntu

Overview

About vulnerability

nscd: netgroup cache may terminate daemon on memory allocation failure

The Name Service Cache Daemon’s (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients. The flaw was introduced in glibc 2.15 when the cache was added to nscd.

This vulnerability is only present in the nscd binary.

Details

Affected product:
AlmaLinux 9.2 ESU , CentOS 6 ELS , CentOS 7 ELS , CentOS 8.4 ELS , CentOS 8.5 ELS , CentOS Stream 8 ELS , CloudLinux 6 ELS , Oracle Linux 6 ELS , Ubuntu 16.04 ELS , Ubuntu 18.04 ELS
Affected packages:
glibc @ 2.12 (+9 more)

nscd: netgroup cache may terminate daemon on memory allocation failure

The Name Service Cache Daemon’s (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients. The flaw was introduced in glibc 2.15 when the cache was added to nscd.

This vulnerability is only present in the nscd binary.

Fixes