[Git][security-tracker-team/security-tracker][master] Add new glibc issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Apr 25 22:24:22 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e71c457c by Salvatore Bonaccorso at 2024-04-25T22:58:49+02:00
Add new glibc issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,23 @@
+CVE-2024-33602 [nscd: netgroup cache assumes NSS callback uses in-buffer strings]
+	- glibc <unfixed>
+	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=31680
+	NOTE: https://inbox.sourceware.org/libc-alpha/cover.1713974801.git.fweimer@redhat.com/
+	NOTE: https://www.openwall.com/lists/oss-security/2024/04/24/2
+CVE-2024-33601 [nscd: netgroup cache may terminate daemon on memory allocation failure]
+	- glibc <unfixed>
+	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=31679
+	NOTE: https://inbox.sourceware.org/libc-alpha/cover.1713974801.git.fweimer@redhat.com/
+	NOTE: https://www.openwall.com/lists/oss-security/2024/04/24/2
+CVE-2024-33600 [nscd: Null pointer dereferences after failed netgroup cache insertion]
+	- glibc <unfixed>
+	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=31678
+	NOTE: https://inbox.sourceware.org/libc-alpha/cover.1713974801.git.fweimer@redhat.com/
+	NOTE: https://www.openwall.com/lists/oss-security/2024/04/24/2
+CVE-2024-33599 [nscd: netgroup cache: invalid memcpy under low memory/storage conditions]
+	- glibc <unfixed>
+	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=31677
+	NOTE: https://inbox.sourceware.org/libc-alpha/cover.1713974801.git.fweimer@redhat.com/
+	NOTE: https://www.openwall.com/lists/oss-security/2024/04/24/2
 CVE-2024-4175 (Unicode transformation vulnerability in Hyperion affecting version 2.0 ...)
 	NOT-FOR-US: Hyperion
 CVE-2024-4174 (Cross-Site Scripting (XSS) vulnerability in Hyperion Web Server affect ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e71c457cf51f19c88a80662a9549d981bad8e799

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e71c457cf51f19c88a80662a9549d981bad8e799
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240425/da648040/attachment.htm>

More information about the debian-security-tracker-commits mailing list