Description
nscd: Stack-based buffer overflow in netgroup cache
If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted
by client requests then a subsequent client request for netgroup data
may result in a stack-based buffer overflow. This flaw was introduced
in glibc 2.15 when the cache was added to nscd.
This vulnerability is only present in the nscd binary.
A stack-based buffer overflow flaw was found in the glibc netgroup cache. In certain conditions, it is possible to trigger a stack-based buffer overflow that can lead to a denial of service and potentially other malicious actions that impact confidentiality and integrity.
Statement
This stack-based buffer overflow vulnerability in nscd is an important severity issue due to its potential to be exploited by malicious actors to execute arbitrary code or cause denial-of-service (DoS) conditions. By carefully crafting input data, an attacker could manipulate the program's control flow, leading to unintended behavior such as executing arbitrary commands, escalating privileges, or crashing the application. Since the overflow occurs in a critical system component responsible for caching name service data, exploitation could have far-reaching consequences, including unauthorized access to sensitive information or disruption of essential services. This issue affects the nscd RPM package and not the glibc RPM package itself. Affected components are tracked by their RPM source package; in this case, the nscd binary package is built from the glibc source package, hence the affected component is glibc.
Mitigation
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Affected packages
Platform | Package | State | Advisory | Release |
---|---|---|---|---|
Red Hat Enterprise Linux 10 | glibc | Not affected | ||
Red Hat Enterprise Linux 6 | compat-glibc | Not affected | ||
Red Hat Enterprise Linux 6 | glibc | Out of support scope | ||
Red Hat Enterprise Linux 7 | compat-glibc | Not affected | ||
Red Hat Enterprise Linux 7 | glibc | Fixed | RHSA-2024:3588 | 04.06.2024 |
Red Hat Enterprise Linux 8 | glibc | Fixed | RHSA-2024:3344 | 23.05.2024 |
Red Hat Enterprise Linux 8.2 Advanced Update Support | glibc | Fixed | RHSA-2024:3464 | 29.05.2024 |
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | glibc | Fixed | RHSA-2024:3309 | 23.05.2024 |
Red Hat Enterprise Linux 8.4 Telecommunications Update Service | glibc | Fixed | RHSA-2024:3309 | 23.05.2024 |
Additional information
Status:
7.6 High
CVSS3