A flaw was found in the GNU C library (glibc), where the sysdeps/unix/sysv/linux/mq_notify.c function mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. The highest threat from this vulnerability is to system availability.

References

bugzilla.redhat.com/show_bug.cgi?id=1993517

nvd.nist.gov/vuln/detail/CVE-2021-38604

www.cve.org/CVERecord?id=CVE-2021-38604

nessus 44

mageia 2

openvas 32

ubuntucve 2

osv 5

cve 2

nvd 2

amazon 2

debiancve 2

cvelist 2

prion 2

cloudlinux 1

cbl_mariner 3

fedora 3

photon 14

redhatcve 1

veracode 1

ibm 8

f5 1

suse 2

almalinux 1

oraclelinux 2

rocky 1

redhat 18

gentoo 2

debian 1

ics 2

oracle 4

avleonov 1

nessus

Amazon Linux 2 : glibc (ALAS-2023-2371)

2023-12-04 00:00:00

Photon OS 1.0: Glibc PHSA-2021-1.0-0428

2021-08-27 00:00:00

Photon OS 3.0: Glibc PHSA-2021-3.0-0295

2021-09-07 00:00:00

mageia

Updated glibc packages fix security issue

2021-08-14 17:00:09

Updated glibc packages fix security vulnerability

2021-07-01 02:58:41

openvas

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2021-2709)

2021-11-12 00:00:00

Mageia: Security Advisory (MGASA-2021-0404)

2022-01-28 00:00:00

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2021-2684)

2021-11-12 00:00:00

ubuntucve

CVE-2021-33574

2021-05-25 00:00:00

CVE-2021-38604

2021-08-12 00:00:00

osv

CVE-2021-38604

2021-08-12 16:15:10

CVE-2021-33574

2021-05-25 22:15:10

Moderate: glibc security, bug fix, and enhancement update

2021-11-09 09:08:59

cve

CVE-2021-38604

2021-08-12 16:15:10

CVE-2021-33574

2021-05-25 22:15:10

nvd

CVE-2021-38604

2021-08-12 16:15:10

CVE-2021-33574

2021-05-25 22:15:10

amazon

Medium: glibc

2023-11-29 22:20:00

Low: glibc

2022-01-18 21:37:00

debiancve

CVE-2021-38604

2021-08-12 16:15:10

CVE-2021-33574

2021-05-25 22:15:10

cvelist

CVE-2021-38604

2021-08-12 15:43:34

CVE-2021-33574

2021-05-25 00:00:00

prion

Null pointer dereference

2021-08-12 16:15:00

Design/Logic Flaw

2021-05-25 22:15:00

cloudlinux

Fix of CVE: CVE-2021-33574, CVE-2021-35942, CVE-2021-38604

2021-08-19 17:44:27

cbl_mariner

CVE-2021-38604 affecting package glibc 2.28-24

2021-10-05 03:00:55

CVE-2021-38604 affecting package glibc for versions less than 2.35-1

2022-04-26 20:17:01

CVE-2021-33574 affecting package glibc 2.28-22

2021-10-05 03:00:55

fedora

[SECURITY] Fedora 35 Update: glibc-2.34-6.fc35

2021-09-29 00:20:37

[SECURITY] Fedora 34 Update: glibc-2.33-16.fc34

2021-06-14 01:06:20

[SECURITY] Fedora 33 Update: glibc-2.32-8.fc33

2021-07-07 01:04:22

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-1.0-0428

2021-08-26 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-1.0-0401

2021-06-09 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-2.0-0354

2021-06-09 00:00:00

redhatcve

CVE-2021-33574

2021-05-27 23:10:50

veracode

Denial Of Service (DoS)

2021-11-17 22:36:20

ibm

Security Bulletin: App Connect Professional is affected by GNU C Library vulnerability

2021-12-15 06:21:22

Security Bulletin: App Connect Professional is affected by GNU C Library vulnerability.

2021-12-22 10:07:47

Security Bulletin: IBM Sterling Connect:Direct for UNIX Certified Container is affected by multiple vulnerabilities in Red Hat Universal Base Image version 8.4-206.1626828523 and Binutils version 2.30-93

2022-03-14 20:12:12

K43700555 : GNU C Library (glibc) vulnerability CVE-2021-33574

2021-09-24 00:00:00

suse

Security update for glibc (moderate)

2021-10-06 00:00:00

Security update for glibc (moderate)

2021-10-18 00:00:00

almalinux

Moderate: glibc security, bug fix, and enhancement update

2021-11-09 09:08:59

oraclelinux

glibc security, bug fix, and enhancement update

2021-11-16 00:00:00

glibc security update

2021-11-23 00:00:00

rocky

glibc security, bug fix, and enhancement update

2021-11-09 09:08:59

redhat

(RHSA-2021:4358) Moderate: glibc security, bug fix, and enhancement update

2021-11-09 09:08:59

(RHSA-2022:0434) Moderate: Release of OpenShift Serverless 1.20.0

2022-02-03 17:07:25

(RHSA-2022:0318) Moderate: Red Hat OpenShift distributed tracing 2.1.0 security update

2022-01-27 16:46:55

gentoo

glibc: Multiple vulnerabilities

2021-07-06 00:00:00

GNU C Library: Multiple Vulnerabilities

2022-08-14 00:00:00

debian

[SECURITY] [DLA 3152-1] glibc security update

2022-10-17 15:54:41

ics

Siemens SIMATIC S7-1500 TM MFP BIOS

2023-06-15 12:00:00

Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1

2023-12-14 12:00:00

oracle

Oracle Critical Patch Update Advisory - October 2022

2022-10-18 00:00:00

Oracle Critical Patch Update Advisory - July 2022

2022-07-19 00:00:00

Oracle Critical Patch Update Advisory - April 2023

2023-04-18 00:00:00

avleonov

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

2022-12-30 18:03:13

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.017 Low

EPSS

Percentile

87.9%

JSON

Related for RH:CVE-2021-38604