Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 792261 (CVE-2021-33574) - <sys-libs/glibc-2.33-r1: Use-after-free in mq_notify (CVE-2021-33574)
Summary: <sys-libs/glibc-2.33-r1: Use-after-free in mq_notify (CVE-2021-33574)
Status: CONFIRMED
Alias: CVE-2021-33574
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://sourceware.org/bugzilla/show_...
Whiteboard: A3 [glsa+ stable cve]
Keywords: CC-ARCHES
Depends on:
Blocks:
 
Reported: 2021-05-26 16:41 UTC by Sam James
Modified: 2021-07-31 22:45 UTC (History)
2 users (show)

See Also:
Package list:
sys-libs/glibc-2.33-r1
Runtime testing required: ---
nattka: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Sam James archtester gentoo-dev Security 2021-05-26 16:41:45 UTC
Description:
"The mq_notify function in the GNU C Library (aka glibc) through 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact."
Comment 1 Sam James archtester gentoo-dev Security 2021-06-01 15:53:17 UTC
Fixed in 2.34, not got the commit to hand...
Comment 2 Sam James archtester gentoo-dev Security 2021-06-13 14:20:31 UTC
Any news on backport?
Comment 3 Sam James archtester gentoo-dev Security 2021-06-13 14:21:48 UTC
(In reply to Sam James from comment #2)
> Any news on backport?

Oh, I see it in the branch now.
Comment 4 Andreas K. Hüttel gentoo-dev 2021-06-15 08:59:51 UTC
Fixed in 2.33-r1 too.
Comment 5 Andreas K. Hüttel gentoo-dev 2021-07-02 22:15:47 UTC
arches please *test* and stabilize sys-libs/glibc-2.33-r1

please make tests only block if they are regressions compared to 2.33(-r0)

currently I get the same three test failures for 2.33 and 2.33-r1:
FAIL: stdlib/tst-system
FAIL: string/tst-strerror
FAIL: string/tst-strsignal
Comment 6 Rolf Eike Beer archtester 2021-07-04 10:38:10 UTC
hppa stable
Comment 7 Sam James archtester gentoo-dev Security 2021-07-05 03:25:34 UTC
amd64 done
Comment 8 Agostino Sarubbo gentoo-dev 2021-07-05 06:59:51 UTC
x86 stable
Comment 9 Rolf Eike Beer archtester 2021-07-05 14:52:30 UTC
sparc stable
Comment 10 John Helmert III gentoo-dev Security 2021-07-05 23:39:29 UTC
Added to existing request
Comment 11 GLSAMaker/CVETool Bot gentoo-dev 2021-07-06 03:42:08 UTC
This issue was resolved and addressed in
 GLSA 202107-07 at https://security.gentoo.org/glsa/202107-07
by GLSA coordinator John Helmert III (ajak).
Comment 12 John Helmert III gentoo-dev Security 2021-07-06 03:42:52 UTC
Reopening for stabilization and cleanup
Comment 13 Georgy Yakovlev gentoo-dev 2021-07-08 19:27:16 UTC
ppc64 stable
Comment 14 Sam James archtester gentoo-dev Security 2021-07-09 04:22:47 UTC
arm done
Comment 15 Sam James archtester gentoo-dev Security 2021-07-09 04:22:49 UTC
arm64 done
Comment 16 Andreas K. Hüttel gentoo-dev 2021-07-31 22:45:48 UTC
ppc: ping pretty please