807935 – (CVE-2021-38604) <sys-libs/glibc-2.33-r7: NULL pointer dereference (CVE-2021-38604)

Bug 807935 (CVE-2021-38604) - <sys-libs/glibc-2.33-r7: NULL pointer dereference (CVE-2021-38604)

Summary: <sys-libs/glibc-2.33-r7: NULL pointer dereference (CVE-2021-38604)

Status:	RESOLVED FIXED

Alias:	CVE-2021-38604

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal minor (vote)
Assignee:	Gentoo Security

URL:	https://sourceware.org/bugzilla/show_...
Whiteboard:	A4 [glsa+]
Keywords:

Depends on:	libxcrypt-stable
Blocks:
	Show dependency tree

Reported:	2021-08-12 23:46 UTC by John Helmert III
Modified:	2022-08-14 14:41 UTC (History)
CC List:	2 users (show)

See Also:	CVE-2021-33574
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description John Helmert III archtester

2021-08-12 23:46:32 UTC

CVE-2021-38604:

In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of the CVE-2021-33574 fix.

Patch: https://sourceware.org/git/?p=glibc.git;a=commit;h=b805aebd42364fe696e417808a700fdb9800c9e8

Comment 1 Sam James archtester

2021-08-18 03:37:00 UTC

We're waiting for news on a backport.

Comment 2 Larry the Git Cow gentoo-dev

2021-08-18 18:01:13 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7fb14f0b1a2d1e590437487be9a6a2c278aafd60

commit 7fb14f0b1a2d1e590437487be9a6a2c278aafd60
Author:     Andreas K. Hüttel <dilfridge@gentoo.org>
AuthorDate: 2021-08-18 18:00:28 +0000
Commit:     Andreas K. Hüttel <dilfridge@gentoo.org>
CommitDate: 2021-08-18 18:01:02 +0000

    sys-libs/glibc: Bump 2.34 patchlevel to 2 (unkeyworded)
    
    Bug: https://bugs.gentoo.org/807935
    Package-Manager: Portage-3.0.20, Repoman-3.0.3
    Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>

 sys-libs/glibc/Manifest          | 2 +-
 sys-libs/glibc/glibc-2.34.ebuild | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8c150cdb5bc5d9fc84079cc764957b7823c3bf43

commit 8c150cdb5bc5d9fc84079cc764957b7823c3bf43
Author:     Andreas K. Hüttel <dilfridge@gentoo.org>
AuthorDate: 2021-08-18 17:56:02 +0000
Commit:     Andreas K. Hüttel <dilfridge@gentoo.org>
CommitDate: 2021-08-18 18:00:55 +0000

    sys-libs/glibc: 2.33 revision/patchlevel 6 bump
    
    Bug: https://bugs.gentoo.org/807935
    Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=28213
    Package-Manager: Portage-3.0.20, Repoman-3.0.3
    Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>

 sys-libs/glibc/Manifest             |    1 +
 sys-libs/glibc/glibc-2.33-r7.ebuild | 1551 +++++++++++++++++++++++++++++++++++
 2 files changed, 1552 insertions(+)

Comment 3 John Helmert III archtester

2022-08-14 05:20:44 UTC

GLSA request filed

Comment 4 Larry the Git Cow gentoo-dev

2022-08-14 14:34:44 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=db5361e1e42ef0dfb4d6eda6648cae61bea60edf

commit db5361e1e42ef0dfb4d6eda6648cae61bea60edf
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2022-08-14 14:29:01 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2022-08-14 14:33:57 +0000

    [ GLSA 202208-24 ] GNU C Library: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/803437
    Bug: https://bugs.gentoo.org/807935
    Bug: https://bugs.gentoo.org/831096
    Bug: https://bugs.gentoo.org/831212
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Sam James <sam@gentoo.org>

 glsa-202208-24.xml | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 50 insertions(+)

Comment 5 Sam James archtester

2022-08-14 14:41:40 UTC

GLSA done, all done.