// For flags

CVE-2024-33601

nscd: netgroup cache may terminate daemon on memory allocation failure

Severity Score

7.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Attend
*SSVC
Descriptions

nscd: netgroup cache may terminate daemon on memory allocation failure

The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or
xrealloc and these functions may terminate the process due to a memory
allocation failure resulting in a denial of service to the clients. The
flaw was introduced in glibc 2.15 when the cache was added to nscd.

This vulnerability is only present in the nscd binary.

nscd: la caché de netgroup puede terminar el daemon ante una falla en la asignación de memoria La caché de netgroup del daemon de caché del servicio de nombres (nscd) usa xmalloc o xrealloc y estas funciones pueden terminar el proceso debido a una falla en la asignación de memoria que resulta en una denegación de servicio a los clientes. La falla se introdujo en glibc 2.15 cuando se agregó el caché a nscd. Esta vulnerabilidad sólo está presente en el binario nscd.

A flaw was found in the glibc netgroup cache. The netgroup cache uses xmalloc/xrealloc and may terminate the process due to a memory allocation failure.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
Low
* Common Vulnerability Scoring System
SSVC
  • Decision:Attend
Exploitation
None
Automatable
Yes
Tech. Impact
Partial
* Organization's Worst-case Scenario
Timeline
  • 2024-04-24 CVE Reserved
  • 2024-05-06 CVE Published
  • 2024-07-01 EPSS Updated
  • 2024-08-02 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-617: Reachable Assertion
  • CWE-703: Improper Check or Handling of Exceptional Conditions
CAPEC
  • CAPEC-130: Excessive Allocation
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
The GNU C Library
Search vendor "The GNU C Library"
Glibc
Search vendor "The GNU C Library" for product "Glibc"
>= 2.15 < 2.40
Search vendor "The GNU C Library" for product "Glibc" and version " >= 2.15 < 2.40"
en
Affected