CVE-2021-27645 is a vulnerability in the nameserver caching daemon (nscd) component of the GNU C Library (glibc), versions 2.29 through 2.33. The issue arises when nscd processes a request for netgroup lookup, where a double-free condition occurs in the netgroupcache.c source code. A double-free vulnerability happens when a program attempts to free the same memory location twice, which can lead to undefined behavior including program crashes or memory corruption. In this case, the double-free causes the nscd process to crash, resulting in a denial of service (DoS) condition on the local system. Since nscd is responsible for caching name service requests such as hostname and netgroup lookups, its failure can degrade system performance and availability of name resolution services. The vulnerability requires local access with low privileges (PR:L) and has a high attack complexity (AC:H), meaning exploitation is not straightforward. No user interaction is needed (UI:N), and the scope is unchanged (S:U). The CVSS v3.1 base score is 2.5, indicating a low severity primarily due to the limited impact (availability only) and difficulty of exploitation. There are no known exploits in the wild, and no patches are linked in the provided data, but it is expected that distributions have addressed this in glibc updates following disclosure. The vulnerability is categorized under CWE-415 (Double Free).

For European organizations, the impact of CVE-2021-27645 is generally limited but still relevant. Systems running vulnerable versions of glibc with nscd enabled may experience local denial of service if an attacker with local access triggers the netgroup lookup path. This can disrupt name resolution caching, potentially degrading performance or causing service interruptions on critical infrastructure relying on nscd for efficient hostname or netgroup resolution. While the vulnerability does not allow remote exploitation or privilege escalation, insider threats or compromised local accounts could leverage this to cause service degradation. In environments with strict uptime requirements, such as financial institutions, telecommunications, or critical infrastructure operators in Europe, even localized DoS can have operational consequences. However, given the low severity and complexity, the overall risk is moderate to low, especially if systems are regularly updated and monitored.

European organizations should ensure that all systems running glibc versions 2.29 through 2.33 are updated to versions where this vulnerability is patched. Since no direct patch links are provided, administrators should consult their Linux distribution vendors (e.g., Debian, Ubuntu, Red Hat, SUSE) for glibc security updates and apply them promptly. Additionally, if nscd is not required, consider disabling the service to reduce the attack surface. For systems that must run nscd, restrict local access to trusted users only and monitor for unusual crashes or service disruptions related to nscd. Implementing strict access controls and auditing local user activities can help detect attempts to exploit this vulnerability. Finally, ensure that system and application logs are collected and analyzed to identify potential exploitation attempts or anomalous behavior related to name service caching.