ГлавнаяУязвимости → CVE-2024-33601
7.3высокая

CVE-2024-33601

→ есть в БДУ: BDU:2024-03602 (на русском)
Описание (на английском; русское — в БДУ выше)

nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.

Затрагиваемое ПО
Gnu GlibcDebian Debian linuxNetapp H300s firmwareNetapp H300sNetapp H500s firmwareNetapp H500sNetapp H700s firmwareNetapp H700sNetapp H410s firmwareNetapp H410sNetapp H410c firmwareNetapp H410cNetapp H610c firmwareNetapp H610cNetapp H615c firmwareNetapp H615cNetapp H610s firmwareNetapp H610sNetapp Hci bootstrap osNetapp Hci compute node
CVSS
Балл7.3 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Источники
http://www.openwall.com/lists/oss-security/2024/07/22/5https://lists.debian.org/debian-lts-announce/2024/06/msg00026.htmlhttps://security.netapp.com/advisory/ntap-20240524-0014/https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0007http://www.openwall.com/lists/oss-security/2024/07/22/5https://lists.debian.org/debian-lts-announce/2024/06/msg00026.htmlhttps://security.netapp.com/advisory/ntap-20240524-0014/https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0007