CVE-2024-33602

CVE-2024-33602: nscd: netgroup cache assumes NSS callback uses in-buffer strings

Vendor The Gnu C Library
Product glibc
Weakness CWE-466
Published May 6, 2024
Last update May 12, 2026

CVSS base score

What the vulnerability does

01Description

nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.

Key dates

02Disclosure timeline

May 6, 2024 CVE published
May 12, 2026 Record updated