mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-28 18:48:49 +00:00
1.2 KiB
1.2 KiB
CVE-2021-33574
Description
The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.
POC
Reference
No PoCs from references.
Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Azure/publish-security-assessments
- https://github.com/actions-marketplace-validations/Azure_publish-security-assessments
- https://github.com/dispera/giant-squid
- https://github.com/kenlavbah/log4jnotes
- https://github.com/madchap/opa-tests
- https://github.com/nedenwalker/spring-boot-app-using-gradle
- https://github.com/nedenwalker/spring-boot-app-with-log4j-vuln
- https://github.com/ruzickap/cks-notes
- https://github.com/thegeeklab/audit-exporter