What is CVE-2024-33602?

CVE-2024-33602 is a high-severity vulnerability in Gnu Glibc, classified under CWE-466. CVSS score: 7.4/10. Published 2024-05-06.

How severe is CVE-2024-33602?

High severity. CVSS v3 base score is 7.4 out of 10.

Is CVE-2024-33602 known to be exploited?

5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Gnu Glibc

CVE-2024-33602

nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. The flaw was introduced in…

EPSS: 0.007 (73.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.4 (High). Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Weakness classification (CWE)

CWE-466

Public proof-of-concept exploits

References

3ff69d7a-14f2-4f67-a097-88dee7810d18 (Broken Link)
3ff69d7a-14f2-4f67-a097-88dee7810d18 (Third Party Advisory)
3ff69d7a-14f2-4f67-a097-88dee7810d18 (Mailing List, Third Party Advisory)
3ff69d7a-14f2-4f67-a097-88dee7810d18 (Mailing List)
0b142b55-0307-4c5a-b3c9-f314f3fb7c5e

Frequently asked questions

What is CVE-2024-33602?: CVE-2024-33602 is a high-severity vulnerability in Gnu Glibc, classified under CWE-466. CVSS score: 7.4/10. Published 2024-05-06.
How severe is CVE-2024-33602?: High severity. CVSS v3 base score is 7.4 out of 10.
Is CVE-2024-33602 known to be exploited?: 5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.