CentOS Linux: CVE-2024-33599: Important: glibc security update (CESA-2024:3588)

CentOS Linux: CVE-2024-33599: Important: glibc security update (CESA-2024:3588)

Severity

4

CVSS

(AV:L/AC:M/Au:N/C:P/I:P/A:P)

Published

05/06/2024

Created

06/06/2024

Added

06/05/2024

Modified

06/05/2024

Description

nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow.This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.

Solution(s)

• centos-upgrade-glibc
• centos-upgrade-glibc-common
• centos-upgrade-glibc-debuginfo
• centos-upgrade-glibc-debuginfo-common
• centos-upgrade-glibc-devel
• centos-upgrade-glibc-headers
• centos-upgrade-glibc-static
• centos-upgrade-glibc-utils
• centos-upgrade-nscd

References

• CVE-2024-33599