Description

nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.

INFO

Published Date :

2024-05-06T19:22:12.383Z

Last Modified :

2025-02-13T17:52:21.265Z

Source :

glibc
AFFECTED PRODUCTS

The following products are affected by CVE-2024-33602 vulnerability.

Vendors Products
Debian
  • Debian Linux
Gnu
  • Glibc
Netapp
  • Element Software
  • H300s
  • H300s Firmware
  • H410c
  • H410c Firmware
  • H410s
  • H410s Firmware
  • H500s
  • H500s Firmware
  • H700s
  • H700s Firmware
  • Hci Bootstrap Os
  • Solidfire \& Hci Management Node
  • Solidfire \& Hci Storage Node
Redhat
  • Enterprise Linux
  • Rhel Aus
  • Rhel E4s
  • Rhel Eus
  • Rhel Tus
  • Rhev Hypervisor
  • Service Interconnect

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact