In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of the CVE-2021-33574 fix.

References

blog.tuxcare.com/cve/tuxcare-team-identifies-cve-2021-38604-a-new-vulnerability-in-glibc

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GYEXYM37RCJWJ6B5KQUYQI4NZBDDYSXP/

security.gentoo.org/glsa/202208-24

security.netapp.com/advisory/ntap-20210909-0005/

sourceware.org/bugzilla/show_bug.cgi?id=28213

sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=4cc79c217744743077bf7a0ec5e0a4318f1e6641

sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=b805aebd42364fe696e417808a700fdb9800c9e8

www.oracle.com/security-alerts/cpujul2022.html

nessus 44

mageia 2

openvas 32

ubuntucve 2

osv 5

redhatcve 2

cve 2

nvd 2

amazon 2

prion 2

debiancve 2

cloudlinux 1

cbl_mariner 3

fedora 3

photon 14

veracode 1

ibm 8

f5 1

cvelist 1

suse 2

almalinux 1

oraclelinux 2

rocky 1

redhat 18

gentoo 2

debian 1

ics 2

oracle 4

avleonov 1

nessus

Amazon Linux 2 : glibc (ALAS-2023-2371)

2023-12-04 00:00:00

Photon OS 1.0: Glibc PHSA-2021-1.0-0428

2021-08-27 00:00:00

Photon OS 3.0: Glibc PHSA-2021-3.0-0295

2021-09-07 00:00:00

mageia

Updated glibc packages fix security issue

2021-08-14 17:00:09

Updated glibc packages fix security vulnerability

2021-07-01 02:58:41

openvas

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2021-2709)

2021-11-12 00:00:00

Mageia: Security Advisory (MGASA-2021-0404)

2022-01-28 00:00:00

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2021-2684)

2021-11-12 00:00:00

ubuntucve

CVE-2021-33574

2021-05-25 00:00:00

CVE-2021-38604

2021-08-12 00:00:00

osv

CVE-2021-38604

2021-08-12 16:15:10

CVE-2021-33574

2021-05-25 22:15:10

Moderate: glibc security, bug fix, and enhancement update

2021-11-09 09:08:59

redhatcve

CVE-2021-38604

2021-08-13 17:50:02

CVE-2021-33574

2021-05-27 23:10:50

cve

CVE-2021-38604

2021-08-12 16:15:10

CVE-2021-33574

2021-05-25 22:15:10

nvd

CVE-2021-38604

2021-08-12 16:15:10

CVE-2021-33574

2021-05-25 22:15:10

amazon

Medium: glibc

2023-11-29 22:20:00

Low: glibc

2022-01-18 21:37:00

prion

Null pointer dereference

2021-08-12 16:15:00

Design/Logic Flaw

2021-05-25 22:15:00

debiancve

CVE-2021-38604

2021-08-12 16:15:10

CVE-2021-33574

2021-05-25 22:15:10

cloudlinux

Fix of CVE: CVE-2021-33574, CVE-2021-35942, CVE-2021-38604

2021-08-19 17:44:27

cbl_mariner

CVE-2021-38604 affecting package glibc 2.28-24

2021-10-05 03:00:55

CVE-2021-38604 affecting package glibc for versions less than 2.35-1

2022-04-26 20:17:01

CVE-2021-33574 affecting package glibc 2.28-22

2021-10-05 03:00:55

fedora

[SECURITY] Fedora 35 Update: glibc-2.34-6.fc35

2021-09-29 00:20:37

[SECURITY] Fedora 34 Update: glibc-2.33-16.fc34

2021-06-14 01:06:20

[SECURITY] Fedora 33 Update: glibc-2.32-8.fc33

2021-07-07 01:04:22

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-1.0-0428

2021-08-26 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-1.0-0401

2021-06-09 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-2.0-0354

2021-06-09 00:00:00

veracode

Denial Of Service (DoS)

2021-11-17 22:36:20

ibm

Security Bulletin: App Connect Professional is affected by GNU C Library vulnerability

2021-12-15 06:21:22

Security Bulletin: App Connect Professional is affected by GNU C Library vulnerability.

2021-12-22 10:07:47

Security Bulletin: IBM Sterling Connect:Direct for UNIX Certified Container is affected by multiple vulnerabilities in Red Hat Universal Base Image version 8.4-206.1626828523 and Binutils version 2.30-93

2022-03-14 20:12:12

K43700555 : GNU C Library (glibc) vulnerability CVE-2021-33574

2021-09-24 00:00:00

cvelist

CVE-2021-33574

2021-05-25 00:00:00

suse

Security update for glibc (moderate)

2021-10-06 00:00:00

Security update for glibc (moderate)

2021-10-18 00:00:00

almalinux

Moderate: glibc security, bug fix, and enhancement update

2021-11-09 09:08:59

oraclelinux

glibc security, bug fix, and enhancement update

2021-11-16 00:00:00

glibc security update

2021-11-23 00:00:00

rocky

glibc security, bug fix, and enhancement update

2021-11-09 09:08:59

redhat

(RHSA-2021:4358) Moderate: glibc security, bug fix, and enhancement update

2021-11-09 09:08:59

(RHSA-2022:0434) Moderate: Release of OpenShift Serverless 1.20.0

2022-02-03 17:07:25

(RHSA-2022:0318) Moderate: Red Hat OpenShift distributed tracing 2.1.0 security update

2022-01-27 16:46:55

gentoo

glibc: Multiple vulnerabilities

2021-07-06 00:00:00

GNU C Library: Multiple Vulnerabilities

2022-08-14 00:00:00

debian

[SECURITY] [DLA 3152-1] glibc security update

2022-10-17 15:54:41

ics

Siemens SIMATIC S7-1500 TM MFP BIOS

2023-06-15 12:00:00

Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1

2023-12-14 12:00:00

oracle

Oracle Critical Patch Update Advisory - October 2022

2022-10-18 00:00:00

Oracle Critical Patch Update Advisory - July 2022

2022-07-19 00:00:00

Oracle Critical Patch Update Advisory - April 2023

2023-04-18 00:00:00

avleonov

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

2022-12-30 18:03:13

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

8.7 High

AI Score

Confidence

High

0.017 Low

EPSS

Percentile

87.9%

JSON

Related for CVELIST:CVE-2021-38604