High Severity Vulnerability
This vulnerability has been rated as High severity. Immediate action is recommended.
CVE-2024-33599
High
Low
Medium
High
Critical
8.1
CVSS Score
Vulnerability Description
nscd: Stack-based buffer overflow in netgroup cache
If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted
by client requests then a subsequent client request for netgroup data
may result in a stack-based buffer overflow. This flaw was introduced
in glibc 2.15 when the cache was added to nscd.
This vulnerability is only present in the nscd binary.
CVSS Metrics
Common Vulnerability Scoring System
Vector String:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
N
Attack Complexity
H
Privileges Required
N
User Interaction
N
Scope
U
Confidentiality
H
Integrity
H
Availability
H
Known Affected Software
61 configuration(s) from 3 vendor(s)
debian_linux
Version:
10.0
CPE:
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
glibc
Version:
2.35
CPE:
cpe:2.3:a:gnu:glibc:2.35:*:*:*:*:*:*:*
glibc
Version:
2.38.19
CPE:
cpe:2.3:a:gnu:glibc:2.38.19:*:*:*:*:*:*:*
glibc
Version:
2.36.9000
CPE:
cpe:2.3:a:gnu:glibc:2.36.9000:*:*:*:*:*:*:*
glibc
Version:
2.26
CPE:
cpe:2.3:a:gnu:glibc:2.26:*:*:*:*:*:x86:*
glibc
Version:
2.23
CPE:
cpe:2.3:a:gnu:glibc:2.23:*:*:*:*:*:x86:*
glibc
Version:
2.33
CPE:
cpe:2.3:a:gnu:glibc:2.33:*:*:*:*:*:*:*
glibc
Version:
2.18.90
CPE:
cpe:2.3:a:gnu:glibc:2.18.90:*:*:*:*:*:*:*
glibc
Version:
2.36.113
CPE:
cpe:2.3:a:gnu:glibc:2.36.113:*:*:*:*:*:*:*
glibc
Version:
2.21
CPE:
cpe:2.3:a:gnu:glibc:2.21:*:*:*:*:*:*:*
glibc
Version:
2.30.9000
CPE:
cpe:2.3:a:gnu:glibc:2.30.9000:*:*:*:*:*:*:*
glibc
Version:
2.26.9000
CPE:
cpe:2.3:a:gnu:glibc:2.26.9000:*:*:*:*:*:*:*
glibc
Version:
2.37.38
CPE:
cpe:2.3:a:gnu:glibc:2.37.38:*:*:*:*:*:*:*
glibc
Version:
2.39.9000
CPE:
cpe:2.3:a:gnu:glibc:2.39.9000:*:*:*:*:*:*:*
glibc
Version:
2.37
CPE:
cpe:2.3:a:gnu:glibc:2.37:*:*:*:*:*:*:*
glibc
Version:
2.32.0
CPE:
cpe:2.3:a:gnu:glibc:2.32.0:*:*:*:*:*:*:*
glibc
Version:
2.33.9000
CPE:
cpe:2.3:a:gnu:glibc:2.33.9000:*:*:*:*:*:*:*
glibc
Version:
2.20
CPE:
cpe:2.3:a:gnu:glibc:2.20:*:*:*:*:*:x86:*
glibc
Version:
2.19.90
CPE:
cpe:2.3:a:gnu:glibc:2.19.90:*:*:*:*:*:*:*
glibc
Version:
2.17
CPE:
cpe:2.3:a:gnu:glibc:2.17:*:*:*:*:*:x86:*
glibc
Version:
2.32.9000
CPE:
cpe:2.3:a:gnu:glibc:2.32.9000:*:*:*:*:*:*:*
glibc
Version:
2.18
CPE:
cpe:2.3:a:gnu:glibc:2.18:*:*:*:*:*:x86:*
glibc
Version:
2.15
CPE:
cpe:2.3:a:gnu:glibc:2.15:*:*:*:*:*:*:*
glibc
Version:
2.38.9000
CPE:
cpe:2.3:a:gnu:glibc:2.38.9000:*:*:*:*:*:*:*
glibc
Version:
2.30
CPE:
cpe:2.3:a:gnu:glibc:2.30:*:*:*:*:*:*:*
glibc
Version:
2.28.9000
CPE:
cpe:2.3:a:gnu:glibc:2.28.9000:*:*:*:*:*:*:*
glibc
Version:
2.29.9000
CPE:
cpe:2.3:a:gnu:glibc:2.29.9000:*:*:*:*:*:*:*
glibc
Version:
2.22
CPE:
cpe:2.3:a:gnu:glibc:2.22:*:*:*:*:*:x86:*
glibc
Version:
2.27.9000
CPE:
cpe:2.3:a:gnu:glibc:2.27.9000:*:*:*:*:*:*:*
glibc
Version:
2.36
CPE:
cpe:2.3:a:gnu:glibc:2.36:*:*:*:*:*:*:*
glibc
Version:
2.20.90
CPE:
cpe:2.3:a:gnu:glibc:2.20.90:*:*:*:*:*:*:*
glibc
Version:
2.29
CPE:
cpe:2.3:a:gnu:glibc:2.29:*:*:*:*:*:x86:*
glibc
Version:
2.37.9000
CPE:
cpe:2.3:a:gnu:glibc:2.37.9000:*:*:*:*:*:*:*
glibc
Version:
2.19
CPE:
cpe:2.3:a:gnu:glibc:2.19:*:*:*:*:*:*:*
glibc
Version:
2.16.90
CPE:
cpe:2.3:a:gnu:glibc:2.16.90:*:*:*:*:*:*:*
glibc
Version:
2.24.90
CPE:
cpe:2.3:a:gnu:glibc:2.24.90:*:*:*:*:*:*:*
glibc
Version:
2.39
CPE:
cpe:2.3:a:gnu:glibc:2.39:*:*:*:*:*:*:*
glibc
Version:
2.28
CPE:
cpe:2.3:a:gnu:glibc:2.28:*:*:*:*:*:x86:*
glibc
Version:
2.22.90
CPE:
cpe:2.3:a:gnu:glibc:2.22.90:*:*:*:*:*:*:*
glibc
Version:
2.31.9000
CPE:
cpe:2.3:a:gnu:glibc:2.31.9000:*:*:*:*:*:*:*
glibc
Version:
2.23.90
CPE:
cpe:2.3:a:gnu:glibc:2.23.90:*:*:*:*:*:*:*
glibc
Version:
2.32
CPE:
cpe:2.3:a:gnu:glibc:2.32:*:*:*:*:*:*:*
glibc
Version:
2.25.90
CPE:
cpe:2.3:a:gnu:glibc:2.25.90:*:*:*:*:*:*:*
glibc
Version:
2.17.90
CPE:
cpe:2.3:a:gnu:glibc:2.17.90:*:*:*:*:*:*:*
glibc
Version:
2.31
CPE:
cpe:2.3:a:gnu:glibc:2.31:*:*:*:*:*:x64:*
glibc
Version:
2.34
CPE:
cpe:2.3:a:gnu:glibc:2.34:*:*:*:*:*:*:*
glibc
Version:
2.27
CPE:
cpe:2.3:a:gnu:glibc:2.27:*:*:*:*:*:x86:*
glibc
Version:
2.38
CPE:
cpe:2.3:a:gnu:glibc:2.38:*:*:*:*:*:*:*
glibc
Version:
2.21.90
CPE:
cpe:2.3:a:gnu:glibc:2.21.90:*:*:*:*:*:*:*
glibc
Version:
2.16
CPE:
cpe:2.3:a:gnu:glibc:2.16:*:*:*:*:*:*:*
glibc
Version:
2.34.9000
CPE:
cpe:2.3:a:gnu:glibc:2.34.9000:*:*:*:*:*:*:*
glibc
Version:
2.25
CPE:
cpe:2.3:a:gnu:glibc:2.25:*:*:*:*:*:*:*
glibc
Version:
2.35.9000
CPE:
cpe:2.3:a:gnu:glibc:2.35.9000:*:*:*:*:*:*:*
glibc
Version:
2.16.0
CPE:
cpe:2.3:a:gnu:glibc:2.16.0:*:*:*:*:*:*:*
glibc
Version:
2.24
CPE:
cpe:2.3:a:gnu:glibc:2.24:*:*:*:*:*:*:*
h700s_firmware
Version:
-
CPE:
cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
h500s_firmware
Version:
-
CPE:
cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
h410s_firmware
Version:
-
CPE:
cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
h300s_firmware
Version:
-
CPE:
cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
h410c_firmware
Version:
-
CPE:
cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
hci_bootstrap_os
Version:
-
CPE:
cpe:2.3:o:netapp:hci_bootstrap_os:-:*:*:*:*:*:*:*
This vulnerability affects 61 software configuration(s). Ensure you patch all affected systems.
Microsoft
2024-May-CVE-2024-33599
CVE-2024-33599: nscd: Stack-based buffer overflow in netgroup cache
Severity
Unknown
Released
Oct 03, 2025
Security Update
Microsoft
2025-Jul-CVE-2024-33599
CVE-2024-33599: None
Severity
Unknown
Released
Sep 17, 2025
Security Update
Microsoft
2025-Mar-CVE-2024-33599
CVE-2024-33599: None
Severity
Unknown
Released
Sep 04, 2025
Security Update
Oracle
CPUJAN2025
Oracle Critical Patch Update Advisory - January 2025
Severity
Critical
Released
Jan 21, 2025
Restart Required
Security Update
References & Resources
-
http://www.openwall.com/lists/oss-security/2024/07/22/53ff69d7a-14f2-4f67-a097-88dee7810d18 Mailing List Third Party Advisory
-
https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html3ff69d7a-14f2-4f67-a097-88dee7810d18 Mailing List Third Party Advisory
-
https://security.netapp.com/advisory/ntap-20240524-0011/3ff69d7a-14f2-4f67-a097-88dee7810d18 Third Party Advisory
-
https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-00053ff69d7a-14f2-4f67-a097-88dee7810d18 Broken Link
-
http://www.openwall.com/lists/oss-security/2024/07/22/5af854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
https://lists.debian.org/debian-lts-announce/2024/06/msg00026.htmlaf854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
https://security.netapp.com/advisory/ntap-20240524-0011/af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0005af854a3a-2127-422b-91ae-364da2661108 Broken Link
Severity Details
8.1
out of 10.0
High
Weakness Type (CWE)
CWE-121
Stack-based Buffer Overflow
- Description
- A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
- Exploit Likelihood
- High
- Typical Severity
- High
- Abstraction Level
- Variant
Key Information
- Published Date
- May 06, 2024
