- glibc_2.35-0ubuntu3.7 ()
- 2.35-0ubuntu3.8
- 2024-07-18 11:30:42
- CVE N/A, CVSSv2 Score:
- Description:
- Patch: glibc/2.35/Dummy-version.patch
- CVE CVE-2024-33599, CVSSv2 Score: 7.6
- Description:
nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon’s (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.
- Patch: glibc/2.35/CVE-2024-33599.patch
- CVE CVE-2024-33600, CVSSv2 Score: 5.3
- Description:
nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon’s (nscd) cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.
- Patch: glibc/2.35/CVE-2024-33600_1.patch
- CVE CVE-2024-33600, CVSSv2 Score: 5.3
- Description:
nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon’s (nscd) cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.
- Patch: glibc/2.35/CVE-2024-33600_2.patch
- CVE CVE-2024-33601 CVE-2024-33602, CVSSv2 Score: 4.0
- Description:
nscd: netgroup cache assumes NSS callback uses in-buffer strings
- Patch: glibc/2.35/CVE-2024-33601_33602.patch