Details of VAR-202105-1306

ID

VAR-202105-1306

CVE

CVE-2021-33574

TITLE

GNU C Library Resource Management Error Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202105-1666

DESCRIPTION

The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact. The vulnerability stems from the library's mq_notify function having a use-after-free feature. Bugs fixed (https://bugzilla.redhat.com/): 1944888 - CVE-2021-21409 netty: Request smuggling via content-length header 2004133 - CVE-2021-37136 netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data 2004135 - CVE-2021-37137 netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way 2030932 - CVE-2021-44228 log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value 5. JIRA issues fixed (https://issues.jboss.org/): LOG-1971 - Applying cluster state is causing elasticsearch to hit an issue and become unusable 6. Solution: OSP 16.2.z Release - OSP Director Operator Containers 4. Bugs fixed (https://bugzilla.redhat.com/): 2025995 - Rebase tech preview on latest upstream v1.2.x branch 2030801 - CVE-2021-44716 golang: net/http: limit growth of header canonicalization cache 2036784 - osp controller (fencing enabled) in downed state after system manual crash test 5. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202107-07 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: glibc: Multiple vulnerabilities Date: July 06, 2021 Bugs: #764176, #767718, #772425, #792261 ID: 202107-07 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities in glibc could result in Denial of Service. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 sys-libs/glibc < 2.33-r1 >= 2.33-r1 Description =========== Multiple vulnerabilities have been discovered in glibc. Please review the CVE identifiers referenced below for details. Impact ====== An attacker could cause a possible Denial of Service condition. Workaround ========== There is no known workaround at this time. Resolution ========== All glibc users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=sys-libs/glibc-2.33-r1" References ========== [ 1 ] CVE-2019-25013 https://nvd.nist.gov/vuln/detail/CVE-2019-25013 [ 2 ] CVE-2020-27618 https://nvd.nist.gov/vuln/detail/CVE-2020-27618 [ 3 ] CVE-2021-27645 https://nvd.nist.gov/vuln/detail/CVE-2021-27645 [ 4 ] CVE-2021-3326 https://nvd.nist.gov/vuln/detail/CVE-2021-3326 [ 5 ] CVE-2021-33574 https://nvd.nist.gov/vuln/detail/CVE-2021-33574 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202107-07 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2021 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: Openshift Logging 5.3.0 bug fix and security update Advisory ID: RHSA-2021:4627-01 Product: Red Hat OpenShift Enterprise Advisory URL: https://access.redhat.com/errata/RHSA-2021:4627 Issue date: 2021-11-15 CVE Names: CVE-2018-20673 CVE-2018-25009 CVE-2018-25010 CVE-2018-25012 CVE-2018-25013 CVE-2018-25014 CVE-2019-5827 CVE-2019-13750 CVE-2019-13751 CVE-2019-14615 CVE-2019-17594 CVE-2019-17595 CVE-2019-18218 CVE-2019-19603 CVE-2019-20838 CVE-2020-0427 CVE-2020-10001 CVE-2020-12762 CVE-2020-13435 CVE-2020-14145 CVE-2020-14155 CVE-2020-16135 CVE-2020-17541 CVE-2020-24370 CVE-2020-24502 CVE-2020-24503 CVE-2020-24504 CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-26139 CVE-2020-26140 CVE-2020-26141 CVE-2020-26143 CVE-2020-26144 CVE-2020-26145 CVE-2020-26146 CVE-2020-26147 CVE-2020-27777 CVE-2020-29368 CVE-2020-29660 CVE-2020-35448 CVE-2020-35521 CVE-2020-35522 CVE-2020-35523 CVE-2020-35524 CVE-2020-36158 CVE-2020-36312 CVE-2020-36330 CVE-2020-36331 CVE-2020-36332 CVE-2020-36386 CVE-2021-0129 CVE-2021-3200 CVE-2021-3348 CVE-2021-3426 CVE-2021-3445 CVE-2021-3481 CVE-2021-3487 CVE-2021-3489 CVE-2021-3564 CVE-2021-3572 CVE-2021-3573 CVE-2021-3580 CVE-2021-3600 CVE-2021-3635 CVE-2021-3659 CVE-2021-3679 CVE-2021-3732 CVE-2021-3778 CVE-2021-3796 CVE-2021-3800 CVE-2021-20194 CVE-2021-20197 CVE-2021-20231 CVE-2021-20232 CVE-2021-20239 CVE-2021-20266 CVE-2021-20284 CVE-2021-22876 CVE-2021-22898 CVE-2021-22925 CVE-2021-23133 CVE-2021-23840 CVE-2021-23841 CVE-2021-27645 CVE-2021-28153 CVE-2021-28950 CVE-2021-28971 CVE-2021-29155 CVE-2021-29646 CVE-2021-29650 CVE-2021-31440 CVE-2021-31535 CVE-2021-31829 CVE-2021-31916 CVE-2021-33033 CVE-2021-33194 CVE-2021-33200 CVE-2021-33560 CVE-2021-33574 CVE-2021-35942 CVE-2021-36084 CVE-2021-36085 CVE-2021-36086 CVE-2021-36087 CVE-2021-42574 ===================================================================== 1. Summary: An update is now available for OpenShift Logging 5.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Description: Openshift Logging Bug Fix Release (5.3.0) Security Fix(es): * golang: x/net/html: infinite loop in ParseFragment (CVE-2021-33194) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 3. Solution: For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update: https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html For Red Hat OpenShift Logging 5.3, see the following instructions to apply this update: https://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html 4. Bugs fixed (https://bugzilla.redhat.com/): 1963232 - CVE-2021-33194 golang: x/net/html: infinite loop in ParseFragment 5. JIRA issues fixed (https://issues.jboss.org/): LOG-1168 - Disable hostname verification in syslog TLS settings LOG-1235 - Using HTTPS without a secret does not translate into the correct 'scheme' value in Fluentd LOG-1375 - ssl_ca_cert should be optional LOG-1378 - CLO should support sasl_plaintext(Password over http) LOG-1392 - In fluentd config, flush_interval can't be set with flush_mode=immediate LOG-1494 - Syslog output is serializing json incorrectly LOG-1555 - Fluentd logs emit transaction failed: error_class=NoMethodError while forwarding to external syslog server LOG-1575 - Rejected by Elasticsearch and unexpected json-parsing LOG-1735 - Regression introducing flush_at_shutdown LOG-1774 - The collector logs should be excluded in fluent.conf LOG-1776 - fluentd total_limit_size sets value beyond available space LOG-1822 - OpenShift Alerting Rules Style-Guide Compliance LOG-1859 - CLO Should not error and exit early on missing ca-bundle when cluster wide proxy is not enabled LOG-1862 - Unsupported kafka parameters when enabled Kafka SASL LOG-1903 - Fix the Display of ClusterLogging type in OLM LOG-1911 - CLF API changes to Opt-in to multiline error detection LOG-1918 - Alert `FluentdNodeDown` always firing LOG-1939 - Opt-in multiline detection breaks cloudwatch forwarding 6. References: https://access.redhat.com/security/cve/CVE-2018-20673 https://access.redhat.com/security/cve/CVE-2018-25009 https://access.redhat.com/security/cve/CVE-2018-25010 https://access.redhat.com/security/cve/CVE-2018-25012 https://access.redhat.com/security/cve/CVE-2018-25013 https://access.redhat.com/security/cve/CVE-2018-25014 https://access.redhat.com/security/cve/CVE-2019-5827 https://access.redhat.com/security/cve/CVE-2019-13750 https://access.redhat.com/security/cve/CVE-2019-13751 https://access.redhat.com/security/cve/CVE-2019-14615 https://access.redhat.com/security/cve/CVE-2019-17594 https://access.redhat.com/security/cve/CVE-2019-17595 https://access.redhat.com/security/cve/CVE-2019-18218 https://access.redhat.com/security/cve/CVE-2019-19603 https://access.redhat.com/security/cve/CVE-2019-20838 https://access.redhat.com/security/cve/CVE-2020-0427 https://access.redhat.com/security/cve/CVE-2020-10001 https://access.redhat.com/security/cve/CVE-2020-12762 https://access.redhat.com/security/cve/CVE-2020-13435 https://access.redhat.com/security/cve/CVE-2020-14145 https://access.redhat.com/security/cve/CVE-2020-14155 https://access.redhat.com/security/cve/CVE-2020-16135 https://access.redhat.com/security/cve/CVE-2020-17541 https://access.redhat.com/security/cve/CVE-2020-24370 https://access.redhat.com/security/cve/CVE-2020-24502 https://access.redhat.com/security/cve/CVE-2020-24503 https://access.redhat.com/security/cve/CVE-2020-24504 https://access.redhat.com/security/cve/CVE-2020-24586 https://access.redhat.com/security/cve/CVE-2020-24587 https://access.redhat.com/security/cve/CVE-2020-24588 https://access.redhat.com/security/cve/CVE-2020-26139 https://access.redhat.com/security/cve/CVE-2020-26140 https://access.redhat.com/security/cve/CVE-2020-26141 https://access.redhat.com/security/cve/CVE-2020-26143 https://access.redhat.com/security/cve/CVE-2020-26144 https://access.redhat.com/security/cve/CVE-2020-26145 https://access.redhat.com/security/cve/CVE-2020-26146 https://access.redhat.com/security/cve/CVE-2020-26147 https://access.redhat.com/security/cve/CVE-2020-27777 https://access.redhat.com/security/cve/CVE-2020-29368 https://access.redhat.com/security/cve/CVE-2020-29660 https://access.redhat.com/security/cve/CVE-2020-35448 https://access.redhat.com/security/cve/CVE-2020-35521 https://access.redhat.com/security/cve/CVE-2020-35522 https://access.redhat.com/security/cve/CVE-2020-35523 https://access.redhat.com/security/cve/CVE-2020-35524 https://access.redhat.com/security/cve/CVE-2020-36158 https://access.redhat.com/security/cve/CVE-2020-36312 https://access.redhat.com/security/cve/CVE-2020-36330 https://access.redhat.com/security/cve/CVE-2020-36331 https://access.redhat.com/security/cve/CVE-2020-36332 https://access.redhat.com/security/cve/CVE-2020-36386 https://access.redhat.com/security/cve/CVE-2021-0129 https://access.redhat.com/security/cve/CVE-2021-3200 https://access.redhat.com/security/cve/CVE-2021-3348 https://access.redhat.com/security/cve/CVE-2021-3426 https://access.redhat.com/security/cve/CVE-2021-3445 https://access.redhat.com/security/cve/CVE-2021-3481 https://access.redhat.com/security/cve/CVE-2021-3487 https://access.redhat.com/security/cve/CVE-2021-3489 https://access.redhat.com/security/cve/CVE-2021-3564 https://access.redhat.com/security/cve/CVE-2021-3572 https://access.redhat.com/security/cve/CVE-2021-3573 https://access.redhat.com/security/cve/CVE-2021-3580 https://access.redhat.com/security/cve/CVE-2021-3600 https://access.redhat.com/security/cve/CVE-2021-3635 https://access.redhat.com/security/cve/CVE-2021-3659 https://access.redhat.com/security/cve/CVE-2021-3679 https://access.redhat.com/security/cve/CVE-2021-3732 https://access.redhat.com/security/cve/CVE-2021-3778 https://access.redhat.com/security/cve/CVE-2021-3796 https://access.redhat.com/security/cve/CVE-2021-3800 https://access.redhat.com/security/cve/CVE-2021-20194 https://access.redhat.com/security/cve/CVE-2021-20197 https://access.redhat.com/security/cve/CVE-2021-20231 https://access.redhat.com/security/cve/CVE-2021-20232 https://access.redhat.com/security/cve/CVE-2021-20239 https://access.redhat.com/security/cve/CVE-2021-20266 https://access.redhat.com/security/cve/CVE-2021-20284 https://access.redhat.com/security/cve/CVE-2021-22876 https://access.redhat.com/security/cve/CVE-2021-22898 https://access.redhat.com/security/cve/CVE-2021-22925 https://access.redhat.com/security/cve/CVE-2021-23133 https://access.redhat.com/security/cve/CVE-2021-23840 https://access.redhat.com/security/cve/CVE-2021-23841 https://access.redhat.com/security/cve/CVE-2021-27645 https://access.redhat.com/security/cve/CVE-2021-28153 https://access.redhat.com/security/cve/CVE-2021-28950 https://access.redhat.com/security/cve/CVE-2021-28971 https://access.redhat.com/security/cve/CVE-2021-29155 https://access.redhat.com/security/cve/CVE-2021-29646 https://access.redhat.com/security/cve/CVE-2021-29650 https://access.redhat.com/security/cve/CVE-2021-31440 https://access.redhat.com/security/cve/CVE-2021-31535 https://access.redhat.com/security/cve/CVE-2021-31829 https://access.redhat.com/security/cve/CVE-2021-31916 https://access.redhat.com/security/cve/CVE-2021-33033 https://access.redhat.com/security/cve/CVE-2021-33194 https://access.redhat.com/security/cve/CVE-2021-33200 https://access.redhat.com/security/cve/CVE-2021-33560 https://access.redhat.com/security/cve/CVE-2021-33574 https://access.redhat.com/security/cve/CVE-2021-35942 https://access.redhat.com/security/cve/CVE-2021-36084 https://access.redhat.com/security/cve/CVE-2021-36085 https://access.redhat.com/security/cve/CVE-2021-36086 https://access.redhat.com/security/cve/CVE-2021-36087 https://access.redhat.com/security/cve/CVE-2021-42574 https://access.redhat.com/security/updates/classification/#moderate 7. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYZJxoNzjgjWX9erEAQji2Q//bv8hVZq0D8Dz0Do5vdoPzpjDhM6wJr7U 3CqAqcxniXvHVbBiPHPsY3p3M62FSO5lg4oZnVfokEtrZmLe9ULZWLlNxVilAUCT 0urKKWCAIXF+QJcW9/KCuIfaMh8Mmvh2baq52azauCHCJ3UK9ontiGWqyUz/aq9F TM4P/eehnUU1WXAz9x4ycHP7fHZBuADkI8WOUZ5M/QpcoEvo7rLFdyat5MpMkeJx j7gGieb2ITvblxEML3LRdPljQxe56w7p2jC/EoXJnssjABozlWB936Ub/QSulGuz +HQS+RnAGxRRpNcs1wNQzpIkCFJN2S0jlEj5VLB8xLbZTYtILWhIx4rlwaFy6NJn /z7hpEfSAgmhPTejshI/2Gfu/sc+KStEJk2IasWO1wqQWRqYGVeLwgHxBt2wpX+I XJUjhkAdhAWyDfEhPXzpbN4dhmDk0QiGfL3KWZ8nO54IFQgZHT1P1YArnI1hMWC7 JhTyj1DtFOKJl8X28wf6RNui+ifD12hmIAuQRuJTPjZbTnywwpMy+Sq9mrfeHztb gPt2AqOPF5ksNB6OsjVKlMScLlLJzzlkBVgmurXaly0z2qLjy0Rl70oWeMOW4xUD 4Ravk3PLEMqSIHv0ECr4ku5ejMV1Rd46USrgVX2R0CALXIxPkk1IEN8hHmzIGz2D HHJuAvrlroc= =di1X -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Summary: Red Hat OpenShift Virtualization release 4.8.3 is now available with updates to packages and images that fix several bugs and add enhancements. Description: OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. Bugs fixed (https://bugzilla.redhat.com/): 1983596 - CVE-2021-34558 golang: crypto/tls: certificate of wrong type is causing TLS client to panic 1992006 - CVE-2021-29923 golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet 1997017 - unprivileged client fails to get guest agent data 1998855 - Node drain: Sometimes source virt-launcher pod status is Failed and not Completed 2000251 - RoleBinding and ClusterRoleBinding brought in by kubevirt does not get reconciled when kind is ServiceAccount 2001270 - [VMIO] [Warm from Vmware] Snapshot files are not deleted after Successful Import 2001281 - [VMIO] [Warm from VMware] Source VM should not be turned ON if vmio import is removed 2001901 - [4.8.3] NNCP creation failures after nmstate-handler pod deletion 2007336 - 4.8.3 containers 2007776 - Failed to Migrate Windows VM with CDROM (readonly) 2008511 - [CNV-4.8.3] VMI is in LiveMigrate loop when Upgrading Cluster from 2.6.7/4.7.32 to OCP 4.8.13 2012890 - With descheduler during multiple VMIs migrations, some VMs are restarted 2025475 - [4.8.3] Upgrade from 2.6 to 4.x versions failed due to vlan-filtering issues 2026881 - [4.8.3] vlan-filtering is getting applied on veth ports 5. Summary: The Migration Toolkit for Containers (MTC) 1.5.2 is now available. Description: The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Solution: For details on how to install and use MTC, refer to: https://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html 4. Bugs fixed (https://bugzilla.redhat.com/): 2000734 - CVE-2021-3757 nodejs-immer: prototype pollution may lead to DoS or remote code execution 2005438 - Combining Rsync and Stunnel in a single pod can degrade performance (1.5 backport) 2006842 - MigCluster CR remains in "unready" state and source registry is inaccessible after temporary shutdown of source cluster 2007429 - "oc describe" and "oc log" commands on "Migration resources" tree cannot be copied after failed migration 2022017 - CVE-2021-3948 mig-controller: incorrect namespaces handling may lead to not authorized usage of Migration Toolkit for Containers (MTC) 5

Trust: 1.89

sources: NVD: CVE-2021-33574 // VULHUB: VHN-393646 // VULMON: CVE-2021-33574 // PACKETSTORM: 165296 // PACKETSTORM: 165286 // PACKETSTORM: 165287 // PACKETSTORM: 166308 // PACKETSTORM: 163406 // PACKETSTORM: 164967 // PACKETSTORM: 165135 // PACKETSTORM: 165099 // PACKETSTORM: 165862

AFFECTED PRODUCTS

vendor:	netapp	model:	h500e	scope:	eq	version:	-	Trust: 1.0
vendor:	netapp	model:	h700s	scope:	eq	version:	-	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	34	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	10.0	Trust: 1.0
vendor:	netapp	model:	solidfire baseboard management controller	scope:	eq	version:	-	Trust: 1.0
vendor:	netapp	model:	h300e	scope:	eq	version:	-	Trust: 1.0
vendor:	netapp	model:	e-series santricity os controller	scope:	gte	version:	11.0	Trust: 1.0
vendor:	netapp	model:	h410s	scope:	eq	version:	-	Trust: 1.0
vendor:	netapp	model:	h300s	scope:	eq	version:	-	Trust: 1.0
vendor:	gnu	model:	glibc	scope:	eq	version:	2.32	Trust: 1.0
vendor:	netapp	model:	h500s	scope:	eq	version:	-	Trust: 1.0
vendor:	netapp	model:	cloud backup	scope:	eq	version:	-	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	33	Trust: 1.0
vendor:	gnu	model:	glibc	scope:	eq	version:	2.33	Trust: 1.0
vendor:	netapp	model:	e-series santricity os controller	scope:	lte	version:	11.70.1	Trust: 1.0
vendor:	netapp	model:	h700e	scope:	eq	version:	-	Trust: 1.0

sources: NVD: CVE-2021-33574

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-33574
value:	CRITICAL
Trust: 1.0
CNNVD:	CNNVD-202105-1666
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-393646
value:	HIGH
Trust: 0.1
VULMON:	CVE-2021-33574
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2021-33574
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
VULHUB:	VHN-393646
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-33574
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0

sources: VULHUB: VHN-393646 // VULMON: CVE-2021-33574 // CNNVD: CNNVD-202105-1666 // NVD: CVE-2021-33574

PROBLEMTYPE DATA

problemtype:

CWE-416

Trust: 1.1

sources: VULHUB: VHN-393646 // NVD: CVE-2021-33574

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202105-1666

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202105-1666

PATCH

title:	Debian CVElist Bug Report Logs: glibc: CVE-2021-33574: mq_notify does not handle separately allocated thread attributes	url:	https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=7a9966ec919351d3328669aa69ea5e39	Trust: 0.1
title:	Red Hat: CVE-2021-33574	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2021-33574	Trust: 0.1
title:	Amazon Linux 2: ALAS2-2022-1736	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2022-1736	Trust: 0.1
title:	Arch Linux Issues:	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2021-33574 log	Trust: 0.1
title:	Red Hat: Moderate: Release of OpenShift Serverless 1.20.0	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220434 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: Red Hat OpenShift distributed tracing 2.1.0 security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220318 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: Release of containers for OSP 16.2 director operator tech preview	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220842 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: Red Hat OpenShift GitOps security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220580 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: Red Hat Advanced Cluster Management 2.2.11 security updates and bug fixes	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220856 - Security Advisory	Trust: 0.1
title:	Siemens Security Advisories: Siemens Security Advisory	url:	https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=ec6577109e640dac19a6ddb978afe82d	Trust: 0.1
title:	-	url:	https://github.com/Live-Hack-CVE/CVE-2021-33574	Trust: 0.1
title:	CVE-2021-33574	url:	https://github.com/JamesGeee/CVE-2021-33574	Trust: 0.1
title:	cks-notes	url:	https://github.com/ruzickap/cks-notes	Trust: 0.1
title:	-	url:	https://github.com/Live-Hack-CVE/CVE-2021-38604	Trust: 0.1
title:	ochacafe-s5-3	url:	https://github.com/oracle-japan/ochacafe-s5-3	Trust: 0.1

sources: VULMON: CVE-2021-33574

EXTERNAL IDS

db:	NVD	id:	CVE-2021-33574	Trust: 2.7
db:	PACKETSTORM	id:	166308	Trust: 0.8
db:	PACKETSTORM	id:	163406	Trust: 0.8
db:	PACKETSTORM	id:	165862	Trust: 0.8
db:	CNNVD	id:	CNNVD-202105-1666	Trust: 0.7
db:	PACKETSTORM	id:	165758	Trust: 0.7
db:	PACKETSTORM	id:	166051	Trust: 0.7
db:	PACKETSTORM	id:	164863	Trust: 0.7
db:	CS-HELP	id:	SB2021092807	Trust: 0.6
db:	CS-HELP	id:	SB2021070604	Trust: 0.6
db:	CS-HELP	id:	SB2021100416	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3935	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.4254	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.4172	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.0394	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3785	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.4095	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.4019	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3905	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.4229	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.4059	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.5140	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3214	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.0245	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3336	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.0716	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.1071	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.0493	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3398	Trust: 0.6
db:	VULHUB	id:	VHN-393646	Trust: 0.1
db:	VULMON	id:	CVE-2021-33574	Trust: 0.1
db:	PACKETSTORM	id:	165296	Trust: 0.1
db:	PACKETSTORM	id:	165286	Trust: 0.1
db:	PACKETSTORM	id:	165287	Trust: 0.1
db:	PACKETSTORM	id:	164967	Trust: 0.1
db:	PACKETSTORM	id:	165135	Trust: 0.1
db:	PACKETSTORM	id:	165099	Trust: 0.1

sources: VULHUB: VHN-393646 // VULMON: CVE-2021-33574 // PACKETSTORM: 165296 // PACKETSTORM: 165286 // PACKETSTORM: 165287 // PACKETSTORM: 166308 // PACKETSTORM: 163406 // PACKETSTORM: 164967 // PACKETSTORM: 165135 // PACKETSTORM: 165099 // PACKETSTORM: 165862 // CNNVD: CNNVD-202105-1666 // NVD: CVE-2021-33574

REFERENCES

url:	https://security.gentoo.org/glsa/202107-07	Trust: 1.8
url:	https://security.netapp.com/advisory/ntap-20210629-0005/	Trust: 1.7
url:	https://sourceware.org/bugzilla/show_bug.cgi?id=27896	Trust: 1.7
url:	https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1	Trust: 1.7
url:	https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html	Trust: 1.7
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/kjyyimddyohtp2porlabtohyqyyrezdd/	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/rbuuwugxvilqxvweou7n42ichpjnaeup/	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2020-16135	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2021-3200	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-5827	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2021-27645	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2021-33574	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2020-13435	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2019-5827	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2020-24370	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2019-13751	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2019-19603	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2021-35942	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2019-17594	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2020-24370	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2020-12762	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2021-36086	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-13750	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-13751	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2021-22898	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2020-12762	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2020-16135	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2021-36084	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2021-3800	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-17594	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2021-36087	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2021-3445	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2020-13435	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-19603	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2021-22925	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-18218	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2021-20232	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2019-20838	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2021-22876	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2021-20231	Trust: 0.8
url:	https://listman.redhat.com/mailman/listinfo/rhsa-announce	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2020-14155	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-20838	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2021-36085	Trust: 0.8
url:	https://bugzilla.redhat.com/):	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2021-33560	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2019-17595	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2020-14155	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2021-28153	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2019-13750	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2019-18218	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2021-3580	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-17595	Trust: 0.8
url:	https://access.redhat.com/security/team/contact/	Trust: 0.8
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/rbuuwugxvilqxvweou7n42ichpjnaeup/	Trust: 0.7
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/kjyyimddyohtp2porlabtohyqyyrezdd/	Trust: 0.7
url:	https://access.redhat.com/security/cve/cve-2021-20266	Trust: 0.7
url:	https://access.redhat.com/security/cve/cve-2021-42574	Trust: 0.7
url:	https://access.redhat.com/security/updates/classification/#moderate	Trust: 0.7
url:	https://access.redhat.com/security/cve/cve-2021-3572	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2021-3426	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.0245	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3905	Trust: 0.6
url:	https://www.ibm.com/support/pages/node/6526524	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.1071	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.4019	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3398	Trust: 0.6
url:	https://packetstormsecurity.com/files/165862/red-hat-security-advisory-2022-0434-05.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.5140	Trust: 0.6
url:	https://vigilance.fr/vulnerability/glibc-use-after-free-via-mq-notify-35692	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3336	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3214	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.0716	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021092807	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.0394	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.0493	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3935	Trust: 0.6
url:	https://packetstormsecurity.com/files/164863/red-hat-security-advisory-2021-4358-03.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.4229	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.4059	Trust: 0.6
url:	https://packetstormsecurity.com/files/166051/red-hat-security-advisory-2022-0580-01.html	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021070604	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021100416	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.4254	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3785	Trust: 0.6
url:	https://packetstormsecurity.com/files/165758/red-hat-security-advisory-2022-0318-06.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.4095	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.4172	Trust: 0.6
url:	https://packetstormsecurity.com/files/163406/gentoo-linux-security-advisory-202107-07.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/166308/red-hat-security-advisory-2022-0842-01.html	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2018-20673	Trust: 0.5
url:	https://access.redhat.com/security/cve/cve-2020-14145	Trust: 0.5
url:	https://nvd.nist.gov/vuln/detail/cve-2020-14145	Trust: 0.5
url:	https://access.redhat.com/security/cve/cve-2021-3778	Trust: 0.5
url:	https://access.redhat.com/security/cve/cve-2021-3712	Trust: 0.5
url:	https://access.redhat.com/security/cve/cve-2021-23841	Trust: 0.5
url:	https://access.redhat.com/security/cve/cve-2018-20673	Trust: 0.5
url:	https://access.redhat.com/security/cve/cve-2021-23840	Trust: 0.5
url:	https://access.redhat.com/security/cve/cve-2021-3796	Trust: 0.5
url:	https://access.redhat.com/security/cve/cve-2018-25013	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2018-25012	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2020-35522	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2020-35524	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2018-25013	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2018-25009	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2018-25014	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2018-25012	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2020-35521	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2020-17541	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2020-36331	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2021-31535	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2020-36330	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2020-36332	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2018-25010	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2020-17541	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2018-25014	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2021-3481	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2018-25009	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2018-25010	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2020-35523	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2021-20231	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2021-20232	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2021-22925	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2021-22898	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2021-22876	Trust: 0.4
url:	https://access.redhat.com/security/vulnerabilities/rhsb-2021-009	Trust: 0.3
url:	https://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2021-43527	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2021-44228	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2021-28950	Trust: 0.3
url:	https://issues.jboss.org/):	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2021-27645	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2021-33574	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2021-20266	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2020-24504	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-27777	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-20239	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-36158	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-35448	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-3635	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-20284	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-36386	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2020-0427	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-24586	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-3348	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-26140	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-3487	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-26146	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-31440	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-3732	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-0129	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2020-10001	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-24502	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-3564	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-0427	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-23133	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-26144	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-3679	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-36312	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-29368	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-24588	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-29646	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-29155	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-3489	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-29660	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-26139	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-28971	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-14615	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-26143	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-3600	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-26145	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-33200	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-29650	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-33033	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-20194	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-26147	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-31916	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-10001	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2020-24503	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-14615	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2020-24502	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-31829	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-3573	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-20197	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-26141	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-24587	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-24503	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-3659	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2020-35524	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2020-35522	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-37136	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2020-35523	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-37137	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-21409	Trust: 0.2
url:	https://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2020-36330	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2020-35521	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-20317	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-43267	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-33560	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-28153	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3200	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3445	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-33938	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-33930	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-33928	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-37750	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-22947	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-29923	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-22946	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-3733	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-22947	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-33929	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-36222	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-22946	Trust: 0.2
url:	https://access.redhat.com/errata/rhsa-2021:5137	Trust: 0.1
url:	https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:5128	Trust: 0.1
url:	https://docs.openshift.com/container-platform/4.8/logging/cluster-logging-upgrading.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-36331	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:5127	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3984	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3521	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-4193	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-4122	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-44716	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-24407	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3572	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3872	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:0842	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3426	Trust: 0.1
url:	https://access.redhat.com/security/updates/classification/#important	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-4019	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-4192	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3521	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-25013	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3326	Trust: 0.1
url:	https://bugs.gentoo.org.	Trust: 0.1
url:	https://security.gentoo.org/	Trust: 0.1
url:	https://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-27618	Trust: 0.1
url:	https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-33194	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:4627	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-25648	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-36385	Trust: 0.1
url:	https://access.redhat.com/articles/11258	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-34558	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-0512	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-0512	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-36385	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-20317	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:4914	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-25648	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3656	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-27218	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3757	Trust: 0.1
url:	https://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:4848	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-23841	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-27218	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3948	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3620	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-23840	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:0434	Trust: 0.1
url:	https://access.redhat.com/documentation/en-us/openshift_container_platform/4.8/html/serverless/index	Trust: 0.1
url:	https://access.redhat.com/documentation/en-us/openshift_container_platform/4.6/html/serverless/index	Trust: 0.1
url:	https://access.redhat.com/documentation/en-us/openshift_container_platform/4.9/html/serverless/index	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3580	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-39293	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-29923	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-38297	Trust: 0.1
url:	https://access.redhat.com/documentation/en-us/openshift_container_platform/4.7/html/serverless/index	Trust: 0.1

sources: VULHUB: VHN-393646 // PACKETSTORM: 165296 // PACKETSTORM: 165286 // PACKETSTORM: 165287 // PACKETSTORM: 166308 // PACKETSTORM: 163406 // PACKETSTORM: 164967 // PACKETSTORM: 165135 // PACKETSTORM: 165099 // PACKETSTORM: 165862 // CNNVD: CNNVD-202105-1666 // NVD: CVE-2021-33574

CREDITS

Red Hat

Trust: 0.8

sources: PACKETSTORM: 165296 // PACKETSTORM: 165286 // PACKETSTORM: 165287 // PACKETSTORM: 166308 // PACKETSTORM: 164967 // PACKETSTORM: 165135 // PACKETSTORM: 165099 // PACKETSTORM: 165862

SOURCES

db:	VULHUB	id:	VHN-393646
db:	VULMON	id:	CVE-2021-33574
db:	PACKETSTORM	id:	165296
db:	PACKETSTORM	id:	165286
db:	PACKETSTORM	id:	165287
db:	PACKETSTORM	id:	166308
db:	PACKETSTORM	id:	163406
db:	PACKETSTORM	id:	164967
db:	PACKETSTORM	id:	165135
db:	PACKETSTORM	id:	165099
db:	PACKETSTORM	id:	165862
db:	CNNVD	id:	CNNVD-202105-1666
db:	NVD	id:	CVE-2021-33574

LAST UPDATE DATE

2026-06-19T20:36:43.384000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-393646	date:	2022-11-08T00:00:00
db:	VULMON	id:	CVE-2021-33574	date:	2023-11-07T00:00:00
db:	CNNVD	id:	CNNVD-202105-1666	date:	2022-10-18T00:00:00
db:	NVD	id:	CVE-2021-33574	date:	2026-06-17T03:54:48.833

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-393646	date:	2021-05-25T00:00:00
db:	VULMON	id:	CVE-2021-33574	date:	2021-05-25T00:00:00
db:	PACKETSTORM	id:	165296	date:	2021-12-15T15:27:05
db:	PACKETSTORM	id:	165286	date:	2021-12-15T15:20:33
db:	PACKETSTORM	id:	165287	date:	2021-12-15T15:20:43
db:	PACKETSTORM	id:	166308	date:	2022-03-15T15:41:45
db:	PACKETSTORM	id:	163406	date:	2021-07-06T15:43:31
db:	PACKETSTORM	id:	164967	date:	2021-11-15T17:25:56
db:	PACKETSTORM	id:	165135	date:	2021-12-03T16:41:45
db:	PACKETSTORM	id:	165099	date:	2021-11-30T14:44:48
db:	PACKETSTORM	id:	165862	date:	2022-02-04T17:26:39
db:	CNNVD	id:	CNNVD-202105-1666	date:	2021-05-25T00:00:00
db:	NVD	id:	CVE-2021-33574	date:	2021-05-25T22:15:10.410