Bug 29142

Summary: glibc new security issue CVE-2021-33574
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: andrewsfarm, ouaurelien, sysadmin-bugs
Version: 8Keywords: advisory, validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA8-64-OK
Source RPM: glibc-2.32-15.mga8.src.rpm CVE: CVE-2021-33574
Status comment:

Description David Walser 2021-06-16 19:33:39 CEST 
Fedora has issued an advisory on June 14:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/

The issue is fixed upstream in 2.34.

Mageia 8 is also affected.
David Walser 2021-06-16 19:33:49 CEST

Whiteboard: (none) => MGA8TOO
Status comment: (none) => Fixed upstream in 2.34

Comment 1 Thomas Backlund 2021-06-23 20:44:39 CEST 
rpms for tests... advisory will follow...

SRPMS:
glibc-2.32-16.mga8.src.rpm


i586:
glibc-2.32-16.mga8.i586.rpm
glibc-devel-2.32-16.mga8.i586.rpm
glibc-doc-2.32-16.mga8.noarch.rpm
glibc-i18ndata-2.32-16.mga8.i586.rpm
glibc-profile-2.32-16.mga8.i586.rpm
glibc-static-devel-2.32-16.mga8.i586.rpm
glibc-utils-2.32-16.mga8.i586.rpm
nscd-2.32-16.mga8.i586.rpm


x86_64:
glibc-2.32-16.mga8.x86_64.rpm
glibc-devel-2.32-16.mga8.x86_64.rpm
glibc-doc-2.32-16.mga8.noarch.rpm
glibc-i18ndata-2.32-16.mga8.x86_64.rpm
glibc-profile-2.32-16.mga8.x86_64.rpm
glibc-static-devel-2.32-16.mga8.x86_64.rpm
glibc-utils-2.32-16.mga8.x86_64.rpm
nscd-2.32-16.mga8.x86_64.rpm

Whiteboard: MGA8TOO => (none)
Assignee: tmb => qa-bugs
Version: Cauldron => 8

Comment 2 Thomas Backlund 2021-06-25 14:37:45 CEST 
Advisory, added to svn:

ype: security
subject: Updated glibc packages fix security vulnerability
CVE:
 - CVE-2021-33574
src:
  8:
   core:
     - glibc-2.32-16.mga8
description: |
  The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and
  2.33 has a use-after-free. It may use the notification thread attributes
  object (passed through its struct sigevent parameter) after it has been
  freed by the caller, leading to a denial of service (application crash)
  or possibly unspecified other impact (CVE-2021-33574).

  Other fixes in this update:
  - fix triggers so ldconfig is always run on both installing and
    uninstalling libs (mga#28797)
  - Fix SXID_ERASE behavior in setuid programs [BZ#27471]
references:
 - https://bugs.mageia.org/show_bug.cgi?id=29142
 - https://bugs.mageia.org/show_bug.cgi?id=28797
 - https://sourceware.org/bugzilla/show_bug.cgi?id=27471

Keywords: (none) => advisory

Comment 3 Aurelien Oudelet 2021-06-29 15:38:58 CEST 
$ inxi -Sxx
System:    Host: mageia.local Kernel: 5.10.45-1.mga8 x86_64 bits: 64 compiler: gcc v: 10.3.0 
           Desktop: KDE Plasma 5.20.4 tk: Qt 5.15.2 wm: kwin_x11 dm: SDDM Distro: Mageia 8 mga8

Running this since day one.
No issue so far.

MGA8-64-OK

Source RPM: glibc-2.33-11.mga9.src.rpm => glibc-2.32-15.mga8.src.rpm
CVE: (none) => CVE-2021-33574
Status comment: Fixed upstream in 2.34 => (none)
Whiteboard: (none) => MGA8-64-OK
CC: (none) => ouaurelien

Comment 4 Thomas Andrews 2021-06-30 14:19:59 CEST 
Validating, advisory already loaded.

Keywords: (none) => validated_update
CC: (none) => andrewsfarm, sysadmin-bugs

Comment 5 Mageia Robot 2021-07-01 02:00:42 CEST 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2021-0308.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED