CVE-2024-33600

{"id": "CVE-2024-33600", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.2}]}, "published": "2024-05-06T20:15:11.523", "references": [{"url": "http://www.openwall.com/lists/oss-security/2024/07/22/5", "source": "3ff69d7a-14f2-4f67-a097-88dee7810d18"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html", "source": "3ff69d7a-14f2-4f67-a097-88dee7810d18"}, {"url": "https://security.netapp.com/advisory/ntap-20240524-0013/", "source": "3ff69d7a-14f2-4f67-a097-88dee7810d18"}, {"url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0006", "source": "3ff69d7a-14f2-4f67-a097-88dee7810d18"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/22/5", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://security.netapp.com/advisory/ntap-20240524-0013/", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0006", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "3ff69d7a-14f2-4f67-a097-88dee7810d18", "description": [{"lang": "en", "value": "CWE-476"}]}], "descriptions": [{"lang": "en", "value": "nscd: Null pointer crashes after notfound response\n\nIf the Name Service Cache Daemon's (nscd) cache fails to add a not-found\nnetgroup response to the cache, the client request can result in a null\npointer dereference. This flaw was introduced in glibc 2.15 when the\ncache was added to nscd.\n\nThis vulnerability is only present in the nscd binary."}, {"lang": "es", "value": "nscd: el puntero nulo falla despu\u00e9s de una respuesta no encontrada Si el cach\u00e9 del daemon de cach\u00e9 del servicio de nombres (nscd) no logra agregar una respuesta de grupo de red no encontrado al cach\u00e9, la solicitud del cliente puede resultar en una desreferencia del puntero nulo. Esta falla se introdujo en glibc 2.15 cuando se agreg\u00f3 el cach\u00e9 a nscd. Esta vulnerabilidad s\u00f3lo est\u00e1 presente en el binario nscd."}], "lastModified": "2025-03-27T15:15:52.133", "sourceIdentifier": "3ff69d7a-14f2-4f67-a097-88dee7810d18"}