oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

The GNU C Library security advisory update for 2026-03-11

From: Siddhesh Poyarekar <siddhesh.poyarekar () gmail com>
Date: Wed, 11 Mar 2026 09:22:35 -0400
Hello,

The following security advisory has been published:

GLIBC-SA-2026-0004:
===================

nscd client crash on x86_64 under high nscd load (CVE-2026-3904)

Calling NSS-backed functions that support caching via nscd may call the
nscd client side code and in the GNU C Library version 2.36 under high
load on x86_64 systems, the client may call memcmp on inputs that are
concurrently modified by other processes or threads and crash.

Notes:
======

Published advisories are available directly in the project git repository:
https://sourceware.org/git/?p=glibc.git;a=tree;f=advisories;hb=HEAD
Previous By Date Next
Previous By Thread Next

Current thread: