Published: 24/02/2021 Updated: 07/11/2023

CVSS v2 Base Score: 1.9 | Impact Score: 2.9 | Exploitability Score: 3.4

CVSS v3 Base Score: 2.5 | Impact Score: 1.4 | Exploitability Score: 1

VMScore: 170

Vector: AV:L/AC:M/Au:N/C:N/I:N/A:P

The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 up to and including 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.

Vulnerable Product	Search on Vulmon	Subscribe to Product
gnu glibc
fedoraproject fedora 33
fedoraproject fedora 34
debian debian linux 10.0

Debian Bug report logs - #983479 glibc: CVE-2021-27645: double-free in nscd Package: src:glibc; Maintainer for src:glibc is GNU Libc Maintainers <debian-glibc@listsdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 24 Feb 2021 20:39:01 UTC Severity: important Tags: security, upstream Foun ...

Several security issues were fixed in GNU C Library ...

Synopsis Important: Red Hat OpenShift GitOps security update Type/Severity Security Advisory: Important Topic An update for openshift-gitops-applicationset-container, openshift-gitops-container, openshift-gitops-kam-delivery-container, and openshift-gitops-operator-container is now available for Red Hat OpenShift GitOps 12 (GitOps v122)Re ...

Synopsis Moderate: Release of OpenShift Serverless 1200 Type/Severity Security Advisory: Moderate Topic Release of OpenShift Serverless 1200Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available fo ...

Synopsis Moderate: Red Hat OpenShift distributed tracing 210 security update Type/Severity Security Advisory: Moderate Topic An update is now available for Red Hat Openshit distributed tracing 21Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, ...

Synopsis Important: Release of containers for OSP 162 director operator tech preview Type/Severity Security Advisory: Important Topic Red Hat OpenStack Platform 162 (Train) director Operator containers areavailable for technology preview Description Release osp-director-operator imagesSecurity Fix(es): golang: net/http: limit growth of h ...

Synopsis Moderate: Red Hat Advanced Cluster Management 2211 security updates and bug fixes Type/Severity Security Advisory: Moderate Topic Red Hat Advanced Cluster Management for Kubernetes 2211 General Availability release images, which provide one or more container updates and bug fixesRed Hat Product Security has rated this update as ...

The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 229 through 233, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system This is related to netgroupcachec ...

Critical Infrastructure Sectors: Critical Manufacturing

CWE-415 https://sourceware.org/bugzilla/show_bug.cgi?id=27462 https://security.gentoo.org/glsa/202107-07 https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983479 https://nvd.nist.gov https://ubuntu.com/security/notices/USN-5310-1 https://www.cisa.gov/news-events/ics-advisories/icsa-23-348-10

CVE-2021-27645

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

ICS Advisories

References

Vulmon Search

About

Products

Connect