CVE-2021-33574 is a critical-severity Use After Free (CWE-416) vulnerability in Gnu Glibc. Its CVSS base score is 9.8 (Critical).
Operationally, ranked at the 32.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading…
more
to a denial of service (application crash) or possibly unspecified other impact.