CVE-2024-33602

CVSS v3.1

7.4

High

Vector

AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions glibc versions 2.15 and later

Description The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This issue can lead to a denial of service.

Recommendations For glibc versions 2.15 and later, consider disabling the netgroup cache in nscd as a temporary workaround until a patch is available. Restrict access to the nscd binary to minimize the risk of exploitation. Avoid using the NSS callback with in-buffer strings in the affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-466

Related Identifiers

ALSA-2024:3339

ALSA-2024:3344

ALT-PU-2024-7263

ALT-PU-2024-7271

ALT-PU-2024-7402

AZL-40319

BDU:2024-03601

CESA-2024_3344

CVE-2024-33602

DLA-3850-1

DSA-5678-1

INFSA-2024_3339

INFSA-2024_3344

MGASA-2024-0173

OESA-2024-1544

OESA-2024-1593

OESA-2024-1594

OESA-2024-1624

OESA-2024-1691

OPENSUSE-SU-2024:13991-1

OPENSUSE-SU-2024_1895-1

RHSA-2024:2799

RHSA-2024:3309

RHSA-2024:3312

RHSA-2024:3339

RHSA-2024:3344

RHSA-2024:3411

RHSA-2024:3423

RHSA-2024:3464

RHSA-2024:3588

RHSA-2024_3339

RHSA-2024_3344

RHSA-2024_3588

RLSA-2024:3339

RLSA-2024:3344

SUSE-SU-2024:1675-1

SUSE-SU-2024:1895-1

SUSE-SU-2024:1895-2

SUSE-SU-2024:1977-1

SUSE-SU-2025:20038-1

USN-6804-1

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Linuxmint

Red Hat

Red Os

Rocky Linux

Suse

Ubuntu

Glibc

CVE-2024-33602

Weakness Enumeration

Related Identifiers

Affected Products

References · 113