2 matches found
CLSA-2021-1635459213 Fix CVE(s): CVE-2021-33574, CVE-2021-38604, CVE-2021-35942
debian/patches/any/add-pthread-attr-copy.patch: adopt pthreadattrcopy functionality. debian/patches/any/add-test-for-pthread-attr-copy.patch: add test case for it. SECURITY UPDATE: Use-after-free in mqnotify - debian/patches/any/CVE-2021-33574.patch: use pthreadattrcopy to completely duplicate...
In librt in the GNU C Library (aka glibc) through 2.34 sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of the CVE-2021-33574 fix.
...