Updated: 2024-05-23 11:48:36.45643
Description:
nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.
Links | NIST | CIRCL | RHEL | Ubuntu |
Severity | Score | |
---|---|---|
CVSS Version 2.x | NONE | 0 |
CVSS Version 3.x | HIGH | 7.6 |
OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
---|---|---|---|---|---|---|---|---|
AlmaLinux 9.2 ESU | glibc | 2.34 | 7.6 | HIGH | Released | CLSA-2024:1718023873 | 2024-06-10 10:15:06 | |
CentOS 6 ELS | glibc | 2.12 | 7.6 | HIGH | Released | CLSA-2024:1718901417 | 2024-07-11 10:15:10 | |
CentOS 7 ELS | glibc | 2.17 | 7.6 | HIGH | Released | CLSA-2024:1720027216 | 2024-07-19 04:52:20 | |
CentOS 8.4 ELS | glibc | 2.28 | 7.6 | HIGH | Released | CLSA-2024:1718973147 | 2024-06-21 10:10:17 | |
CentOS 8.5 ELS | glibc | 2.28 | 7.6 | HIGH | Released | CLSA-2024:1723482999 | 2024-08-12 14:30:00 | |
CentOS Stream 8 ELS | glibc | 2.28 | 7.6 | HIGH | Released | CLSA-2024:1718900000 | 2024-06-20 14:21:27 | |
CloudLinux 6 ELS | glibc | 2.12 | 7.6 | HIGH | Released | CLSA-2024:1718901588 | 2024-07-08 14:24:10 | |
Oracle Linux 6 ELS | glibc | 2.12 | 7.6 | HIGH | Released | CLSA-2024:1718900760 | 2024-06-20 14:21:29 | |
Ubuntu 16.04 ELS | glibc | 2.23-0 | 7.6 | HIGH | Released | CLSA-2024:1719920973 | 2024-07-02 11:13:26 | |
Ubuntu 18.04 ELS | glibc | 2.27-3 | 7.6 | HIGH | Released | CLSA-2024:1719569907 | 2024-06-28 10:14:35 |