### [CVE-2021-33574](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33574)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brightgreen)

### Description

The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/ARPSyndicate/cve-scores
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Azure/publish-security-assessments
- https://github.com/actions-marketplace-validations/Azure_publish-security-assessments
- https://github.com/dispera/giant-squid
- https://github.com/kenlavbah/log4jnotes
- https://github.com/madchap/opa-tests
- https://github.com/nedenwalker/spring-boot-app-using-gradle
- https://github.com/nedenwalker/spring-boot-app-with-log4j-vuln
- https://github.com/ruzickap/cks-notes
- https://github.com/thegeeklab/audit-exporter