Kotsi (CVE-2021-38604) e khethiloe ho Glibc, e etsang hore ho khonehe ho qala ho senyeha ha lits'ebetso tsamaisong ka ho romela molaetsa o entsoeng ka mokhoa o khethehileng ka melaetsa ea melaetsa ea POSIX API. Bothata ha bo so hlahe kabong, kaha bo teng feela tokollong ea 2.34, e hatisitsoeng libeke tse peli tse fetileng.
Bothata bo bakoa ke ho tšoara lintlha tse fosahetseng NOTIFY_REMOVED ho khoutu ea mq_notify.c, e lebisang ho NULL pointer dereference le ho senyeha ha tshebetso. Ho khahlisang, bothata ke phello ea bofokoli ba ho lokisa tlokotsi e 'ngoe (CVE-2021-33574), e tsitsitseng tokollong ea Glibc 2.34. Ho feta moo, haeba ts'oaetso ea pele e ne e le thata haholo ho e sebelisa 'me e hloka motsoako oa maemo a itseng, joale ho bonolo haholo ho etsa tlhaselo ka bothata ba bobeli.
Source: opennet.ru