ГлавнаяУязвимости → CVE-2024-33599
8.1высокая

CVE-2024-33599

→ есть в БДУ: BDU:2024-03561 (на русском)
Описание (на английском; русское — в БДУ выше)

nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.

Затрагиваемое ПО
Gnu GlibcDebian Debian linuxNetapp H300s firmwareNetapp H300sNetapp H500s firmwareNetapp H500sNetapp H700s firmwareNetapp H700sNetapp H410s firmwareNetapp H410sNetapp H410c firmwareNetapp H410cNetapp Hci bootstrap os
CVSS
Балл8.1 — высокая
ВекторCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
http://www.openwall.com/lists/oss-security/2024/07/22/5https://lists.debian.org/debian-lts-announce/2024/06/msg00026.htmlhttps://security.netapp.com/advisory/ntap-20240524-0011/https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0005http://www.openwall.com/lists/oss-security/2024/07/22/5https://lists.debian.org/debian-lts-announce/2024/06/msg00026.htmlhttps://security.netapp.com/advisory/ntap-20240524-0011/https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0005