nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.
2024-05-06T20:15:11.603
2025-08-01T01:56:26.467
Analyzed
3ff69d7a-14f2-4f67-a097-88dee7810d18
CVSSv3.1: 7.3 (HIGH)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | gnu | glibc | < 2.40 | Yes |
| Operating System | debian | debian_linux | 10.0 | Yes |
| Operating System | netapp | h300s_firmware | - | Yes |
| Hardware | netapp | h300s | - | No |
| Operating System | netapp | h500s_firmware | - | Yes |
| Hardware | netapp | h500s | - | No |
| Operating System | netapp | h700s_firmware | - | Yes |
| Hardware | netapp | h700s | - | No |
| Operating System | netapp | h410s_firmware | - | Yes |
| Hardware | netapp | h410s | - | No |
| Operating System | netapp | h410c_firmware | - | Yes |
| Hardware | netapp | h410c | - | No |
| Operating System | netapp | h610c_firmware | - | Yes |
| Hardware | netapp | h610c | - | No |
| Operating System | netapp | h615c_firmware | - | Yes |
| Hardware | netapp | h615c | - | No |
| Operating System | netapp | h610s_firmware | - | Yes |
| Hardware | netapp | h610s | - | No |
| Operating System | netapp | hci_bootstrap_os | - | Yes |
| Hardware | netapp | hci_compute_node | - | No |