CLSA-2021-1635459187

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1635459187.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2021-1635459187

Upstream

CVE-2021-33574

CVE-2021-35942

CVE-2021-38604

Published

2021-10-28T22:13:07Z

Modified

2026-06-04T10:03:51.858673842Z

Summary

Fix CVE(s): CVE-2021-33574, CVE-2021-38604, CVE-2021-35942

Details

debian/patches/any/add-pthread-attr-copy.patch: adopt pthreadattrcopy functionality.
debian/patches/any/add-test-for-pthread-attr-copy.patch: add test case for it.
SECURITY UPDATE: Use-after-free in mq_notify
- debian/patches/any/CVE-2021-33574.patch: use _pthreadattrcopy to completely duplicate thread attribute, avoid NULL pointer dereference in helperthread as per CVE-2021-38604.
- CVE-2021-33574
- CVE-2021-38604
SECURITY UPDATE: Out-of-bounds read in wordexp
- debian/patches/any/CVE-2021-35942.patch: use strtoul and 'unsigned long' to prevent signed integer overflow in array index.
- CVE-2021-35942

References

https://errata.cloudlinux.com/ubuntu16_04/CLSA-2021-1635459187

Affected packages

TuxCare:Ubuntu:16.04

glibc-doc

Package

Name: glibc-doc
Purl: pkg:deb/tuxcare/glibc-doc?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.23-0ubuntu11.4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1635459187.json"

glibc-source

Package

Name: glibc-source
Purl: pkg:deb/tuxcare/glibc-source?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.23-0ubuntu11.4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1635459187.json"

libc-bin

Package

Name: libc-bin
Purl: pkg:deb/tuxcare/libc-bin?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.23-0ubuntu11.4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1635459187.json"

libc-dev-bin

Package

Name: libc-dev-bin
Purl: pkg:deb/tuxcare/libc-dev-bin?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.23-0ubuntu11.4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1635459187.json"

libc6

Package

Name: libc6
Purl: pkg:deb/tuxcare/libc6?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.23-0ubuntu11.4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1635459187.json"

libc6-dev

Package

Name: libc6-dev
Purl: pkg:deb/tuxcare/libc6-dev?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.23-0ubuntu11.4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1635459187.json"

libc6-dev-i386

Package

Name: libc6-dev-i386
Purl: pkg:deb/tuxcare/libc6-dev-i386?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.23-0ubuntu11.4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1635459187.json"

libc6-dev-x32

Package

Name: libc6-dev-x32
Purl: pkg:deb/tuxcare/libc6-dev-x32?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.23-0ubuntu11.4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1635459187.json"

libc6-i386

Package

Name: libc6-i386
Purl: pkg:deb/tuxcare/libc6-i386?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.23-0ubuntu11.4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1635459187.json"

libc6-pic

Package

Name: libc6-pic
Purl: pkg:deb/tuxcare/libc6-pic?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.23-0ubuntu11.4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1635459187.json"

libc6-x32

Package

Name: libc6-x32
Purl: pkg:deb/tuxcare/libc6-x32?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.23-0ubuntu11.4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1635459187.json"

locales

Package

Name: locales
Purl: pkg:deb/tuxcare/locales?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.23-0ubuntu11.4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1635459187.json"

locales-all

Package

Name: locales-all
Purl: pkg:deb/tuxcare/locales-all?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.23-0ubuntu11.4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1635459187.json"

multiarch-support

Package

Name: multiarch-support
Purl: pkg:deb/tuxcare/multiarch-support?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.23-0ubuntu11.4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1635459187.json"

nscd

Package

Name: nscd
Purl: pkg:deb/tuxcare/nscd?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.23-0ubuntu11.4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1635459187.json"