CVE-2024-33599
nscd: Stack-based buffer overflow in netgroup cache
nscd: Stack-based buffer overflow in netgroup cache
If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted
by client requests then a subsequent client request for netgroup data
may result in a stack-based buffer overflow. This flaw was introduced
in glibc 2.15 when the cache was added to nscd.
This vulnerability is only present in the nscd binary.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Productos afectados
The GNU C Library · glibc¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
https://cert-portal.siemens.com/productcert/html/ssa-082556.htmlhttps://lists.debian.org/debian-lts-announce/2024/06/msg00026.htmlhttps://security.netapp.com/advisory/ntap-20240524-0011/https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0005http://www.openwall.com/lists/oss-security/2024/07/22/5