MGASA-2021-0308
Advisory lineage Upstream: 1 Downstream: 0
Upstream
Published: 30 Jun 2021, 23:58
Last modified:16 Apr 2026, 04:24
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
30 Jun 2021, 23:58
Published
Vulnerability first disclosed
16 Apr 2026, 04:24
Last Modified
Vulnerability information updated
Description
Updated glibc packages fix security vulnerability The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact (CVE-2021-33574). Other fixes in this update: - fix triggers so ldconfig is always run on both installing and uninstalling libs (mga#28797) - Fix SXID_ERASE behavior in setuid programs [BZ#27471]
Affected Systems
- mageia•glibc
< 2.32-16.mga8