CVE-2024-33602

May 6, 2024, 8:15 p.m.

None
No Score

Description

nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.

Product(s) Impacted

Product Versions
glibc
  • ['2.15']

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0008

Tags

2024-05-06
3ff69d7a-14f2-4f67-a097-88dee7810d18
CVE-2024-33602
CWE-466

Timeline

Published: May 6, 2024, 8:15 p.m.
Last Modified: May 6, 2024, 8:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

3ff69d7a-14f2-4f67-a097-88dee7810d18

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.