Double-Free Vulnerability in GNU C Library's Nameserver Caching Daemon (nscd) Leads to Local Denial of Service

Double-Free Vulnerability in GNU C Library's Nameserver Caching Daemon (nscd) Leads to Local Denial of Service

CVE-2021-27645 · LOW Severity

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.

Learn more about our Cis Benchmark Audit For Server Software.