Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Debian LTS DLA-3850-1 Critical: glibc nscd Buffer Overflow and More

debian lts
Calendar Grey June 30, 2024
Dist Debian Esm H88
Debian security announcement DLA-3850-1 outlines vital glibc patches aimed at mitigating several vulnerabilities and urging users to apply updates.
Multiple vulnerabilities have been fixed in the Name Service Cache Daemon that is built by the GNU C library and shipped in the nscd binary package
Topics%20covered

Topics Covered

security advisory buffer overflow critical memory corruption glibc null pointer nscd

Summary

CVE-2024-33599

nscd: Stack-based buffer overflow in netgroup cache

CVE-2024-33600

nscd: Null pointer crashes after notfound response

CVE-2024-33601

nscd: Daemon may terminate on memory allocation failure

CVE-2024-33602

nscd: Possible memory corruption

For Debian 10 buster, these problems have been fixed in version
2.28-10+deb10u4.

We recommend that you upgrade your glibc packages.

For the detailed security status of glibc please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/glibc

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


Severity
critical
Lowest
Low
Medium
High
Critical

Package: glibc
Version: 2.28-10+deb10u4
CVE ID: CVE-2024-33599 CVE-2024-33600 CVE-2024-33601 CVE-2024-33602

Topics%20covered

Topics Covered

security advisory buffer overflow critical memory corruption glibc null pointer nscd

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here