Vulnerabilities

CVE-2021-33574

by Fred · 25/05/2021

The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.

Date published : 2021-05-25

https://security.netapp.com/advisory/ntap-20210629-0005/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/

Similar

Tags: Cybersecurity Alert