Several security issues were fixed in GNU C Library.
Software Description:
- glibc: GNU C Library
Details:
It was discovered that GNU C Library nscd daemon contained a stack-based buffer
overflow. A local attacker could use this to cause a denial of service
(system crash). (CVE-2024-33599)
It was discovered that GNU C Library nscd daemon did not properly check the
cache content, leading to a null pointer dereference vulnerability. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2024-33600)
It was discovered that GNU C Library nscd daemon did not properly validate
memory allocation in certain situations, leading to a null pointer dereference
vulnerability. A local attacker could use this to cause a denial of service
(system crash). (CVE-2024-33601)
It was discovered that GNU C Library nscd daemon did not properly handle memory
allocation, which could lead to memory corruption. A local attacker could use
this to cause a denial of service (syste...
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.04 LTS
nscd 2.39-0ubuntu8.2
Ubuntu 23.10
nscd 2.38-1ubuntu6.3
Ubuntu 22.04 LTS
nscd 2.35-0ubuntu3.8
Ubuntu 20.04 LTS
nscd 2.31-0ubuntu9.16
Ubuntu 18.04 LTS
nscd 2.27-3ubuntu1.6+esm3
Available with Ubuntu Pro
Ubuntu 16.04 LTS
nscd 2.23-0ubuntu11.3+esm7
Available with Ubuntu Pro
After a standard system update you need to restart nscd to make
all the necessary changes.https://ubuntu.com/security/notices/USN-6804-1
CVE-2024-33599, CVE-2024-33600, CVE-2024-33601, CVE-2024-33602
Get the latest Linux and open source security news straight to your inbox.