| Package | glibc |
|---|---|
| Version | 2.19-18+deb8u14 (jessie), 2.24-11+deb9u7 (stretch) |
| Related CVEs | CVE-2024-33599 CVE-2024-33600 CVE-2024-33601 CVE-2024-33602 |
Multiple vulnerabilities have been fixed in the Name Service Cache Daemon that is built by the GNU C library and shipped in the nscd binary package.
CVE-2024-33599
nscd: Stack-based buffer overflow in netgroup cache
CVE-2024-33600
nscd: Null pointer crashes after notfound response
CVE-2024-33601
nscd: Daemon may terminate on memory allocation failure
CVE-2024-33602
nscd: Possible memory corruption
For Debian 8 jessie, these problems have been fixed in version 2.19-18+deb8u14.
For Debian 9 stretch, these problems have been fixed in version 2.24-11+deb9u7.
We recommend that you upgrade your glibc packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.