CVE-2024-33601
- Source
- https://cve.org/CVERecord?id=CVE-2024-33601
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-33601.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-33601
- Downstream
- Related
- Published
- 2024-05-06T19:22:07.763Z
- Modified
- 2026-05-18T05:56:04.370165645Z
- Severity
-
- 7.3 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L CVSS Calculator
- Summary
- nscd: netgroup cache may terminate daemon on memory allocation failure
- Details
-
nscd: netgroup cache may terminate daemon on memory allocation failure
The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients. The flaw was introduced in glibc 2.15 when the cache was added to nscd.
This vulnerability is only present in the nscd binary.
- Database specific
{ "cwe_ids": [ "CWE-617" ], "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/33xxx/CVE-2024-33601.json", "cna_assigner": "glibc" }- References
-
- http://www.openwall.com/lists/oss-security/2024/07/22/5
- https://cert-portal.siemens.com/productcert/html/ssa-082556.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/33xxx/CVE-2024-33601.json
- https://nvd.nist.gov/vuln/detail/CVE-2024-33601
- https://security.netapp.com/advisory/ntap-20240524-0014/
- https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0007
Affected packages
Git / github.com/bminor/glibc
Affected versions
Other
changelog-ends-here
glibc-2.*
glibc-2.15
glibc-2.16
glibc-2.16-ports-merge
glibc-2.16-tps
glibc-2.16.0
glibc-2.16.90
glibc-2.17
glibc-2.17.90
glibc-2.18
glibc-2.18.90
glibc-2.19
glibc-2.19.90
glibc-2.20
glibc-2.20.90
glibc-2.21
glibc-2.21.90
glibc-2.22
glibc-2.22.90
glibc-2.23
glibc-2.23.90
glibc-2.24
glibc-2.24.90
glibc-2.25
glibc-2.25.90
glibc-2.26
glibc-2.26.9000
glibc-2.27
glibc-2.27.9000
glibc-2.28
glibc-2.28.9000
glibc-2.29
glibc-2.29.9000
glibc-2.30
glibc-2.30.9000
glibc-2.31
glibc-2.31.9000
glibc-2.32
glibc-2.32.9000
glibc-2.33
glibc-2.33.9000
glibc-2.34
glibc-2.34.9000
glibc-2.35
glibc-2.35.9000
glibc-2.36
glibc-2.36.9000
glibc-2.37
glibc-2.37.9000
glibc-2.38
glibc-2.38.9000
glibc-2.39
glibc-2.39.9000
Git / sourceware.org/git/glibc.git
Affected ranges
- Type
- GIT
- Repo
- https://sourceware.org/git/glibc.git
- Events
-
Introducedc0da14cdda1fa552262ce3624156194eef43e973Fixed3d1aed874918c466a4477af1da35983ab036690e
- Database specific
{ "extracted_events": [ { "introduced": "2.15" }, { "fixed": "2.40" } ], "cpe": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*", "source": "CPE_FIELD" }
Affected versions
Other
changelog-ends-here
glibc-2.*
glibc-2.15
glibc-2.16
glibc-2.16-ports-merge
glibc-2.16-tps
glibc-2.16.0
glibc-2.16.90
glibc-2.17
glibc-2.17.90
glibc-2.18
glibc-2.18.90
glibc-2.19
glibc-2.19.90
glibc-2.20
glibc-2.20.90
glibc-2.21
glibc-2.21.90
glibc-2.22
glibc-2.22.90
glibc-2.23
glibc-2.23.90
glibc-2.24
glibc-2.24.90
glibc-2.25
glibc-2.25.90
glibc-2.26
glibc-2.26.9000
glibc-2.27
glibc-2.27.9000
glibc-2.28
glibc-2.28.9000
glibc-2.29
glibc-2.29.9000
glibc-2.30
glibc-2.30.9000
glibc-2.31
glibc-2.31.9000
glibc-2.32
glibc-2.32.9000
glibc-2.33
glibc-2.33.9000
glibc-2.34
glibc-2.34.9000
glibc-2.35
glibc-2.35.9000
glibc-2.36
glibc-2.36.9000
glibc-2.37
glibc-2.37.9000
glibc-2.38
glibc-2.38.9000
glibc-2.39
glibc-2.39.9000