CVE-2021-27645
Description
The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.
Risk Information
Base Score
2.5
MODERATE
Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
EPSS Score
Exploitation Probability
0.037
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| GNU C Library (USN-5310-1) libc6_2.27-3ubuntu1.5_i386.deb | Linux |
| GNU C Library (USN-5310-1) libc6_2.27-3ubuntu1.5_amd64.deb | Linux |
| GNU C Library (USN-5310-1) libc6_2.31-0ubuntu9.9_i386.deb | Linux |
| GNU C Library (USN-5310-1) libc6_2.31-0ubuntu9.7_amd64.deb | Linux |
| GNU C Library (USN-5310-1) libc6_2.34-0ubuntu3.2_i386.deb | Linux |
| GNU C Library (USN-5310-1) libc6_2.34-0ubuntu3.2_amd64.deb | Linux |
| Glibc update (ELSA-2024-3588) glibc-2.17-326.0.9.el7_9.3.i686.rpm | Linux |
| Glibc update (ELSA-2024-3588) glibc-2.17-326.0.9.el7_9.3.x86_64.rpm | Linux |
| Glibc-common update (ELSA-2024-3588) glibc-common-2.17-326.0.9.el7_9.3.x86_64.rpm | Linux |
| Glibc-devel update (ELSA-2024-3588) glibc-devel-2.17-326.0.9.el7_9.3.i686.rpm | Linux |
| Glibc-devel update (ELSA-2024-3588) glibc-devel-2.17-326.0.9.el7_9.3.x86_64.rpm | Linux |
| Glibc-headers update (ELSA-2024-3588) glibc-headers-2.17-326.0.9.el7_9.3.x86_64.rpm | Linux |
| Glibc-utils update (ELSA-2024-3588) glibc-utils-2.17-326.0.9.el7_9.3.x86_64.rpm | Linux |
| Nscd update (ELSA-2024-3588) nscd-2.17-326.0.9.el7_9.3.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234