CVE-2021-27645: n/a in n/a

Low
Published: Wed Feb 24 2021 (02/24/2021, 00:00:00 UTC)
Source: CVE Database V5
Vendor/Project: n/a
Product: n/a

Description

The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.

AI-Powered Analysis

Last updated: 07/10/2025, 20:20:08 UTC

Technical Analysis

CVE-2021-27645 is a vulnerability in the nameserver caching daemon (nscd) component of the GNU C Library (glibc), versions 2.29 through 2.33. The issue arises when nscd processes a request for netgroup lookup, where a double-free condition occurs in the netgroupcache.c source code. A double-free vulnerability happens when a program attempts to free the same memory location twice, which can lead to undefined behavior including program crashes or memory corruption. In this case, the double-free causes the nscd process to crash, resulting in a denial of service (DoS) condition on the local system. Since nscd is responsible for caching name service requests such as hostname and netgroup lookups, its failure can degrade system performance and availability of name resolution services. The vulnerability requires local access with low privileges (PR:L) and has a high attack complexity (AC:H), meaning exploitation is not straightforward. No user interaction is needed (UI:N), and the scope is unchanged (S:U). The CVSS v3.1 base score is 2.5, indicating a low severity primarily due to the limited impact (availability only) and difficulty of exploitation. There are no known exploits in the wild, and no patches are linked in the provided data, but it is expected that distributions have addressed this in glibc updates following disclosure. The vulnerability is categorized under CWE-415 (Double Free).

Potential Impact

For European organizations, the impact of CVE-2021-27645 is generally limited but still relevant. Systems running vulnerable versions of glibc with nscd enabled may experience local denial of service if an attacker with local access triggers the netgroup lookup path. This can disrupt name resolution caching, potentially degrading performance or causing service interruptions on critical infrastructure relying on nscd for efficient hostname or netgroup resolution. While the vulnerability does not allow remote exploitation or privilege escalation, insider threats or compromised local accounts could leverage this to cause service degradation. In environments with strict uptime requirements, such as financial institutions, telecommunications, or critical infrastructure operators in Europe, even localized DoS can have operational consequences. However, given the low severity and complexity, the overall risk is moderate to low, especially if systems are regularly updated and monitored.

Mitigation Recommendations

European organizations should ensure that all systems running glibc versions 2.29 through 2.33 are updated to versions where this vulnerability is patched. Since no direct patch links are provided, administrators should consult their Linux distribution vendors (e.g., Debian, Ubuntu, Red Hat, SUSE) for glibc security updates and apply them promptly. Additionally, if nscd is not required, consider disabling the service to reduce the attack surface. For systems that must run nscd, restrict local access to trusted users only and monitor for unusual crashes or service disruptions related to nscd. Implementing strict access controls and auditing local user activities can help detect attempts to exploit this vulnerability. Finally, ensure that system and application logs are collected and analyzed to identify potential exploitation attempts or anomalous behavior related to name service caching.
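
A local triage script for the recommendations above, added here as an example and not taken from the advisory or from glibc: it reports whether the upstream glibc version lies within 2.29 through 2.33 and whether nscd is running with its netgroup cache enabled. The function names, verdict strings and the `/etc/nscd.conf` path are assumptions of this example, and an in-range verdict still has to be checked against the distribution's advisory, because vendors backport fixes without changing the upstream version number.

```shell
#!/bin/sh
# Added triage example; not part of the advisory. Verdict strings are this example's own.

# Return 0 if an upstream glibc version is within 2.29-2.33, 1 if outside, 2 if unparsable.
glibc_in_affected_range() {
    case $1 in *.*) ;; *) return 2 ;; esac
    major=${1%%.*}
    rest=${1#*.}
    minor=${rest%%[!0-9]*}            # "31-0ubuntu9" -> "31"
    case "$major$minor" in ''|*[!0-9]*) return 2 ;; esac
    [ -n "$major" ] && [ -n "$minor" ] || return 2
    [ "$major" -eq 2 ] && [ "$minor" -ge 29 ] && [ "$minor" -le 33 ]
}

# Return 0 if the given nscd.conf has "enable-cache netgroup yes" (last setting wins).
# A missing file or missing directive is reported as not enabled (simplifying assumption).
netgroup_cache_enabled() {
    awk '$1 == "enable-cache" && $2 == "netgroup" { state = $3 }
         END { exit (state == "yes" ? 0 : 1) }' "$1" 2>/dev/null
}

# Print one verdict. $1 = glibc version, $2 = nscd.conf path, $3 = "running" if nscd is up.
triage() {
    glibc_in_affected_range "$1" && rc=0 || rc=$?
    case $rc in
        2) echo "unknown"; return 0 ;;
        1) echo "out-of-range"; return 0 ;;
    esac
    [ "$3" = "running" ] || { echo "in-range:nscd-inactive"; return 0; }
    if netgroup_cache_enabled "$2"; then
        echo "in-range:netgroup-cache-on"    # the code path named in the CVE is reachable
    else
        echo "in-range:netgroup-cache-off"
    fi
}

# Live run on the local host.
ver=$(getconf GNU_LIBC_VERSION 2>/dev/null | awk '{ print $2 }')
state=stopped
pgrep -x nscd >/dev/null 2>&1 && state=running
echo "CVE-2021-27645 triage: $(triage "$ver" /etc/nscd.conf "$state")"
```
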

Technical Details

Data Version: 5.1
Assigner Short Name: mitre
Date Reserved: 2021-02-24T00:00:00.000Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 68487f5e1b0bd07c3938faa0

Added to database: 6/10/2025, 6:54:22 PM

Last enriched: 7/10/2025, 8:20:08 PM

Last updated: 8/9/2025, 10:21:28 PM
