Advisory: The recent fix for CVE-2021-33574 released in MGASA-2021-0308 introduced a NULL pointer dereference that will result in segmentation fault. This update adds the missing NULL pointer check to resolve this issue. SRPM: glibc-2.32-18.mga8.src.rpm i586: glibc-2.32-18.mga8.i586.rpm glibc-devel-2.32-18.mga8.i586.rpm glibc-doc-2.32-18.mga8.noarch.rpm glibc-i18ndata-2.32-18.mga8.i586.rpm glibc-profile-2.32-18.mga8.i586.rpm glibc-static-devel-2.32-18.mga8.i586.rpm glibc-utils-2.32-18.mga8.i586.rpm nscd-2.32-18.mga8.i586.rpm x86_64: glibc-2.32-18.mga8.x86_64.rpm glibc-devel-2.32-18.mga8.x86_64.rpm glibc-doc-2.32-18.mga8.noarch.rpm glibc-i18ndata-2.32-18.mga8.x86_64.rpm glibc-profile-2.32-18.mga8.x86_64.rpm glibc-static-devel-2.32-18.mga8.x86_64.rpm glibc-utils-2.32-18.mga8.x86_64.rpm nscd-2.32-18.mga8.x86_64.rpm
MGA8-Plasma, Phys Hardware The following 8 packages are going to be installed: - firefox-78.13.0-1.mga8.x86_64 - firefox-en_CA-78.13.0-1.mga8.noarch - firefox-en_GB-78.13.0-1.mga8.noarch - firefox-en_US-78.13.0-1.mga8.noarch - glibc-2.32-18.mga8.x86_64 - glibc-devel-2.32-18.mga8.x86_64 - lib64nss3-3.69.0-1.mga8.x86_64 - nss-3.69.0-1.mga8.x86_64 -- rebooted System is behaving normally.
CC: (none) => brtians1
mga8, x64. Intel, nvidia. Installed the 8 packages, ran `dracut -f` and rebooted. No obvious problems. Had a look at glibc-utils but could not get memusage to work.
CC: (none) => tarazed25
"memusage -p memusage.png /usr/bin/ls" works, with the graph stored in the png file.
CC: (none) => davidwhodgins
Ah, so its does. I was starting a program like stellarium and running this: $ memusage --progname=/bin/stellarium -p stellarium.png No program name given Thanks Dave.
Whiteboard: (none) => MGA8-64-OK
Keywords: (none) => advisory, validated_updateCC: (none) => sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2021-0404.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED
This is CVE-2021-38604: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38604
Summary: Update request: glibc-2.32-18.mga8 => Update request: glibc-2.32-18.mga8 (fixes CVE-2021-38604)