Vulnerability CVE-2021-33574

Vulnerability Name:

CVE-2021-33574 (CCN-202550)

Assigned:

2021-05-21

Published:

2021-05-21

Updated:

2022-11-08

Summary:

The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.

CVSS v3 Severity:

9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.6 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:R)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
5.2 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:U/RC:R)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

5.9 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
5.2 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:U/RC:R)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

CVSS v2 Severity:

7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

5.4 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

Vulnerability Type:

CWE-416

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2021-33574

Source: XF
Type: UNKNOWN
gnuglibc-cve202133574-dos(202550)

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-f29b4643c7

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-7ddb8b0537

Source: GENTOO
Type: Third Party Advisory
GLSA-202107-07

Source: CONFIRM
Type: Third Party Advisory
https://security.netapp.com/advisory/ntap-20210629-0005/

Source: CCN
Type: Sourceware Bugzilla - Bug 27896
(CVE-2021-33574) - mq_notify does not handle separately allocated thread attributes (CVE-2021-33574)

Source: MISC
Type: Exploit, Issue Tracking, Third Party Advisory
https://sourceware.org/bugzilla/show_bug.cgi?id=27896

Source: MISC
Type: Issue Tracking
https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1

Source: CCN
Type: GNU Web site
glibc

Source: CCN
Type: IBM Security Bulletin 6526524 (App Connect Professional)
App Connect Professional is affected by GNU C Library vulnerability

Source: CCN
Type: IBM Security Bulletin 6536650 (App Connect Professional)
App Connect Professional is affected by GNU C Library vulnerability.

Source: CCN
Type: IBM Security Bulletin 6541298 (Cloud Pak for Automation)
Multiple security vulnerabilities fixed in Cloud Pak for Automation components

Source: CCN
Type: IBM Security Bulletin 6551876 (Cloud Pak for Security)
Cloud Pak for Security uses packages that are vulnerable to multiple CVEs

Source: CCN
Type: IBM Security Bulletin 6560126 (Sterling Connect:Direct for UNIX Certified Container)
IBM Sterling Connect:Direct for UNIX Certified Container is affected by multiple vulnerabilities in Red Hat Universal Base Image version 8.4-206.1626828523 and Binutils version 2.30-93

Source: CCN
Type: IBM Security Bulletin 6856409 (Cloud Pak for Security)
IBM Cloud Pak for Security includes components with multiple known vulnerabilities

Vulnerable Configuration:

Configuration 1:

cpe:/a:gnu:glibc:2.33:*:*:*:*:*:*:*

OR cpe:/a:gnu:glibc:2.32:*:*:*:*:*:*:*

Configuration 2:

cpe:/o:fedoraproject:fedora:33:*:*:*:*:*:*:*

OR cpe:/o:fedoraproject:fedora:34:*:*:*:*:*:*:*

Configuration 3:

cpe:/a:netapp:cloud_backup:-:*:*:*:*:*:*:*

OR cpe:/a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:* (Version >= 11.0 and <= 11.70.1)

OR cpe:/o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*

Configuration 4:

cpe:/o:netapp:h300s_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:netapp:h300s:-:*:*:*:*:*:*:*

Configuration 5:

cpe:/o:netapp:h500s_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:netapp:h500s:-:*:*:*:*:*:*:*

Configuration 6:

cpe:/o:netapp:h700s_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:netapp:h700s:-:*:*:*:*:*:*:*

Configuration 7:

cpe:/o:netapp:h300e_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:netapp:h300e:-:*:*:*:*:*:*:*

Configuration 8:

cpe:/o:netapp:h500e_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:netapp:h500e:-:*:*:*:*:*:*:*

Configuration 9:

cpe:/o:netapp:h700e_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:netapp:h700e:-:*:*:*:*:*:*:*

Configuration 10:

cpe:/o:netapp:h410s_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:netapp:h410s:-:*:*:*:*:*:*:*

Configuration 11:

cpe:/o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

Configuration RedHat 3:

cpe:/a:redhat:enterprise_linux:8::crb:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:8::baseos:*:*:*:*:*

Configuration CCN 1:

cpe:/a:gnu:glibc:2.33:*:*:*:*:*:*:*

AND

cpe:/a:ibm:cloud_pak_for_automation:21.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_automation:21.0.2:-:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_security:1.7.2.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_security:1.10.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_security:1.10.6.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:8010	P	glibc-devel-32bit-2.31-150300.46.1 on GA media (Moderate)	2023-06-20
oval:org.opensuse.security:def:7510	P	glibc-2.31-150300.46.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:51966	P	Security update for tiff (Important)	2022-11-28
oval:org.opensuse.security:def:783	P	Security update for the Linux Kernel (Important)	2022-09-26
oval:org.opensuse.security:def:3684	P	Security update for MozillaFirefox (Important)	2022-08-01
oval:org.opensuse.security:def:95407	P	Security update for salt (Important)	2022-07-06
oval:org.opensuse.security:def:3500	P	git-core-2.12.3-27.17.2 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3385	P	tpm2.0-tools-3.1.4-1.12 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:2935	P	glibc-2.31-150300.20.7 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94565	P	glibc-2.31-150300.20.7 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94612	P	libXinerama-devel-1.1.3-1.22 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95015	P	glibc-devel-32bit-2.31-150300.20.7 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94918	P	imlib2-loaders-1.4.10-1.28 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:4577	P	Security update for the Linux Kernel (Live Patch 26 for SLE 12 SP5) (Important)	2022-04-15
oval:org.opensuse.security:def:102120	P	Security update for protobuf (Moderate)	2022-03-30
oval:org.opensuse.security:def:100058	P	(Important)	2022-03-30
oval:org.opensuse.security:def:101631	P	Security update for wireshark (Moderate)	2022-02-14
oval:org.opensuse.security:def:112305	P	glibc-2.34-1.2 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:6188	P	Security update for the Linux Kernel (Important)	2022-01-14
oval:org.opensuse.security:def:99747	P	(Moderate)	2022-01-11
oval:org.opensuse.security:def:1126	P	Security update for glibc (Moderate)	2021-12-08
oval:org.opensuse.security:def:42223	P	Security update for glibc (Moderate)	2021-12-08
oval:org.opensuse.security:def:74734	P	Security update for glibc (Moderate)	2021-12-08
oval:org.opensuse.security:def:101514	P	Security update for glibc (Moderate)	2021-12-08
oval:org.opensuse.security:def:64773	P	Security update for glibc (Moderate)	2021-12-08
oval:org.opensuse.security:def:67277	P	Security update for glibc (Moderate)	2021-12-08
oval:org.opensuse.security:def:101804	P	Security update for glibc (Moderate)	2021-12-08
oval:org.opensuse.security:def:73895	P	Security update for glibc (Moderate)	2021-12-08
oval:org.opensuse.security:def:76345	P	Security update for glibc (Moderate)	2021-12-08
oval:org.opensuse.security:def:111732	P	Security update for glibc (Moderate)	2021-12-08
oval:org.opensuse.security:def:65666	P	Security update for glibc (Moderate)	2021-12-08
oval:org.opensuse.security:def:4509	P	Security update for the Linux Kernel (Live Patch 12 for SLE 12 SP5) (Important)	2021-11-17
oval:com.redhat.rhsa:def:20214358	P	RHSA-2021:4358: glibc security, bug fix, and enhancement update (Moderate)	2021-11-09
oval:org.opensuse.security:def:99154	P	(Important)	2021-10-26
oval:org.opensuse.security:def:111093	P	Security update for glibc (Moderate)	2021-10-18
oval:org.opensuse.security:def:42127	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:74666	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:92598	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:106039	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:9408	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:69739	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:64589	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:98959	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:107991	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:10349	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:92009	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:8661	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:66948	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:92797	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:106238	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:9599	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:69938	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:108297	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:73711	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:92204	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:105649	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:8848	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:76016	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:106437	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:9798	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:70302	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:5859	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:65598	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:99349	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:117505	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:108786	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:92399	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:105844	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:9043	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:69548	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:101325	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:106724	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:10162	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:70489	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:99548	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:117811	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:30133	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:83460	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:100662	P	(Moderate)	2021-10-06
oval:org.opensuse.security:def:5127	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:32197	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:57104	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:86153	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:93579	P	(Moderate)	2021-10-06
oval:org.opensuse.security:def:23978	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:99681	P	(Moderate)	2021-10-06
oval:org.opensuse.security:def:125611	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:34554	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:59547	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:88516	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:94399	P	(Moderate)	2021-10-06
oval:org.opensuse.security:def:30253	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:55253	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:84218	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:5876	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:33017	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:57512	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:86661	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:93762	P	(Moderate)	2021-10-06
oval:org.opensuse.security:def:26140	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:82637	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:99997	P	(Moderate)	2021-10-06
oval:org.opensuse.security:def:126778	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:59805	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:89202	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:31281	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:55956	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:84677	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:93105	P	(Moderate)	2021-10-06
oval:org.opensuse.security:def:99146	P	(Moderate)	2021-10-06
oval:org.opensuse.security:def:33724	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:58020	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:87481	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:93976	P	(Moderate)	2021-10-06
oval:org.opensuse.security:def:29430	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:51671	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:83340	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:100333	P	(Moderate)	2021-10-06
oval:org.opensuse.security:def:127175	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:60377	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:89460	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:31689	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:56076	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:85745	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:93265	P	(Moderate)	2021-10-06
oval:org.opensuse.security:def:23683	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:99418	P	(Moderate)	2021-10-06
oval:org.opensuse.security:def:33982	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:58840	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:88199	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:94188	P	(Moderate)	2021-10-06
oval:org.opensuse.security:def:38146	P	Security update for glibc (Moderate)	2021-10-04
oval:org.opensuse.security:def:44653	P	Security update for glibc (Moderate)	2021-10-04
oval:org.opensuse.security:def:40223	P	Security update for glibc (Moderate)	2021-10-04
oval:org.opensuse.security:def:45764	P	Security update for glibc (Moderate)	2021-10-04
oval:org.opensuse.security:def:41334	P	Security update for glibc (Moderate)	2021-10-04
oval:org.opensuse.security:def:105828	P	glibc-2.34-1.2 on GA media (Moderate)	2021-10-01

BACK