In librt in the GNU C Library (aka glibc) up to and including 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of the CVE-2021-33574 fix.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnu glibc |
||
fedoraproject fedora 35 |
||
oracle communications cloud native core binding support function 22.1.3 |
||
oracle communications cloud native core network function cloud native environment 22.1.0 |
||
oracle communications cloud native core network repository function 22.1.2 |
||
oracle communications cloud native core network repository function 22.2.0 |
||
oracle communications cloud native core security edge protection proxy 22.1.1 |
||
oracle communications cloud native core unified data repository 22.2.0 |
||
oracle enterprise operations monitor 4.3 |
||
oracle enterprise operations monitor 4.4 |
||
oracle enterprise operations monitor 5.0 |