CVE-2024-33601
Publication date 6 May 2024
Last updated 24 July 2024
Ubuntu priority
nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.
Status
Package | Ubuntu Release | Status |
---|---|---|
eglibc | 24.10 oracular | Not in release |
24.04 LTS noble | Not in release | |
22.04 LTS jammy | Not in release | |
20.04 LTS focal | Not in release | |
14.04 LTS trusty | Ignored end of ESM support, was needs-triage | |
glibc | 24.10 oracular |
Needs evaluation
|
24.04 LTS noble |
Fixed 2.39-0ubuntu8.2
|
|
22.04 LTS jammy |
Fixed 2.35-0ubuntu3.8
|
|
20.04 LTS focal |
Fixed 2.31-0ubuntu9.16
|
|
18.04 LTS bionic |
Fixed 2.27-3ubuntu1.6+esm3
|
|
16.04 LTS xenial |
Fixed 2.23-0ubuntu11.3+esm7
|
Get expanded security coverage with Ubuntu Pro
Reduce your average CVE exposure time from 98 days to 1 day with expanded CVE patching, ten-years security maintenance and optional support for the full stack of open-source applications. Free for personal use.
Get Ubuntu ProPatch details
References
Related Ubuntu Security Notices (USN)
- USN-6804-1
- GNU C Library vulnerabilities
- 31 May 2024