AZL-40288 — Vulnetix

AZL-40288 PUBLISHED CVSS 9.300000190734863 CRITICAL

nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.

Risk Scores

CVSS 4.0

9.300000190734863

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Products

Vendor	Product	Versions
Azure Linux:3	glibc	0

Exploit Intelligence

glibc.rb (github-poc)
glibc.rb (github-poc)

Timeline

May 6, 2024 CVE Published
Apr 21, 2026 CVE Updated

References

https://nvd.nist.gov/vuln/detail/CVE-2024-33599 url

Open in Interactive Console →