Unrated severityNVD Advisory· Published Aug 12, 2021· Updated May 30, 2025

CVE-2021-38604

Description

In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of the CVE-2021-33574 fix.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

GNU C Library/GNU C Librarydescription
GNU/C Libraryllm-fuzzy
Range: <=2.34

Patches

Vulnerability mechanics

References

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GYEXYM37RCJWJ6B5KQUYQI4NZBDDYSXP/mitrevendor-advisoryx_refsource_FEDORA
security.gentoo.org/glsa/202208-24mitrevendor-advisoryx_refsource_GENTOO
blog.tuxcare.com/cve/tuxcare-team-identifies-cve-2021-38604-a-new-vulnerability-in-glibcmitrex_refsource_MISC
security.netapp.com/advisory/ntap-20210909-0005/mitrex_refsource_CONFIRM
sourceware.org/bugzilla/show_bug.cgimitrex_refsource_MISC
sourceware.org/git/mitrex_refsource_MISC
sourceware.org/git/mitrex_refsource_MISC
www.oracle.com/security-alerts/cpujul2022.htmlmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000