CVE-2024-33602
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-33602
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-33602.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-33602
- Downstream
- Related
- Published
- 2024-05-06T20:15:11Z
- Modified
- 2025-09-24T03:43:03.712434Z
- Summary
- [none]
- Details
-
nscd: netgroup cache assumes NSS callback uses in-buffer strings
The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. The flaw was introduced in glibc 2.15 when the cache was added to nscd.
This vulnerability is only present in the nscd binary.
- References
Affected packages
Git / sourceware.org/git/glibc.git
Affected ranges
- Type
- GIT
- Repo
- https://sourceware.org/git/glibc.git
- Events
-
Introducedc0da14cdda1fa552262ce3624156194eef43e973Fixed3d1aed874918c466a4477af1da35983ab036690e
Affected versions
Other
changelog-ends-here
glibc-2.*
glibc-2.15
glibc-2.16
glibc-2.16-ports-before-merge
glibc-2.16-ports-merge
glibc-2.16-tps
glibc-2.16.0
glibc-2.16.90
glibc-2.17
glibc-2.17.90
glibc-2.18
glibc-2.18.90
glibc-2.19
glibc-2.19.90
glibc-2.20
glibc-2.20.90
glibc-2.21
glibc-2.21.90
glibc-2.22
glibc-2.22.90
glibc-2.23
glibc-2.23.90
glibc-2.24
glibc-2.24.90
glibc-2.25
glibc-2.25.90
glibc-2.26
glibc-2.26.9000
glibc-2.27
glibc-2.27.9000
glibc-2.28
glibc-2.28.9000
glibc-2.29
glibc-2.29.9000
glibc-2.30
glibc-2.30.9000
glibc-2.31
glibc-2.31.9000
glibc-2.32
glibc-2.32.9000
glibc-2.33
glibc-2.33.9000
glibc-2.34
glibc-2.34.9000
glibc-2.35
glibc-2.35.9000
glibc-2.36
glibc-2.36.9000
glibc-2.37
glibc-2.37.9000
glibc-2.38
glibc-2.38.9000
glibc-2.39
glibc-2.39.9000