Vulnerability CVE-2024-33600: Information
Description
nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
glibc | sisyphus | 2.38.0.76.e9f05fa1c6-alt1 | 2.38.0.76.e9f05fa1c6-alt1 | ALT-PU-2024-7263-2 | 347163 | Fixed |
glibc | sisyphus_loongarch64 | 2.38.0.76.e9f05fa1c6-alt1.0.port | 2.38.0.76.e9f05fa1c6-alt1.0.port | ALT-PU-2024-7462-1 | - | Fixed |
glibc | p10 | 2.32-alt5.p10.3 | 2.32-alt5.p10.3 | ALT-PU-2024-7271-3 | 347164 | Fixed |
glibc | c10f1 | 2.32-alt5.p10.3 | 2.32-alt5.p10.3 | ALT-PU-2024-7402-2 | 347166 | Fixed |