nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.
2024-05-06T20:15:11.523
2025-06-18T14:50:25.440
Analyzed
3ff69d7a-14f2-4f67-a097-88dee7810d18
CVSSv3.1: 5.9 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | gnu | glibc | < 2.40 | Yes |
| Operating System | debian | debian_linux | 10.0 | Yes |
| Application | netapp | active_iq_unified_manager | - | Yes |
| Operating System | netapp | h300s_firmware | - | Yes |
| Hardware | netapp | h300s | - | No |
| Operating System | netapp | h500s_firmware | - | Yes |
| Hardware | netapp | h500s | - | No |
| Operating System | netapp | h700s_firmware | - | Yes |
| Hardware | netapp | h700s | - | No |
| Operating System | netapp | h410s_firmware | - | Yes |
| Hardware | netapp | h410s | - | No |
| Operating System | netapp | h410c_firmware | - | Yes |
| Hardware | netapp | h410c | - | No |
| Operating System | netapp | h610c_firmware | - | Yes |
| Hardware | netapp | h610c | - | No |
| Operating System | netapp | h610s_firmware | - | Yes |
| Hardware | netapp | h610s | - | No |
| Operating System | netapp | h615c_firmware | - | Yes |
| Hardware | netapp | h615c | - | No |
| Operating System | netapp | hci_bootstrap_os | - | Yes |