Vulnerability CVE-2024-33599: Information
Description
nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
glibc | sisyphus | 2.38.0.76.e9f05fa1c6-alt1 | 2.38.0.76.e9f05fa1c6-alt1 | ALT-PU-2024-7263-2 | 347163 | Fixed |
glibc | sisyphus_loongarch64 | 2.38.0.76.e9f05fa1c6-alt1.0.port | 2.38.0.76.e9f05fa1c6-alt1.0.port | ALT-PU-2024-7462-1 | - | Fixed |
glibc | p10 | 2.32-alt5.p10.3 | 2.32-alt5.p10.3 | ALT-PU-2024-7271-3 | 347164 | Fixed |
glibc | c10f1 | 2.32-alt5.p10.3 | 2.32-alt5.p10.3 | ALT-PU-2024-7402-2 | 347166 | Fixed |