CVE-2021-3347

high

Description

An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to execute code in the kernel, aka CID-34b1a1ce1458.

References

http://www.openwall.com/lists/oss-security/2021/01/29/4

http://www.openwall.com/lists/oss-security/2021/01/29/5

http://www.openwall.com/lists/oss-security/2021/02/01/4

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=04b79c55201f02ffd675e1231d731365e335c307

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=12bb3f7f1b03d5913b3f9d4236a488aa7774dfe9

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2156ac1934166d6deb6cd0f6ffc4c1076ec63697

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=34b1a1ce1458f50ef27c54e28eb9b1947012907a

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6ccc84f917d33312eb2846bd7b567639f585ad6d

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c5cade200ab9a2a3be9e7f32a752c8d86b502ec7

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c64396cc36c6e60704ab06c1fb1c4a46179c9120

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f2dac39d93987f7de1e20b3988c8685523247ae2

https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html

https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html

https://lists.fedoraproject.org/archives/list/[email protected]/message/CXAVDAK4RLAHBHHGEPL73UFXSI6BXQ7Q/

https://lists.fedoraproject.org/archives/list/[email protected]/message/QOBMXDJABYE76RKNBAWA2E4TSSBX7CSJ/

https://security.netapp.com/advisory/ntap-20210304-0005/

https://www.debian.org/security/2021/dsa-4843

https://www.openwall.com/lists/oss-security/2021/01/29/1

https://www.openwall.com/lists/oss-security/2021/01/29/3

Details

Source: MITRE

Published: 2021-01-29

Updated: 2021-03-15

Type: CWE-416

Risk Information

CVSS v2

Base Score: 7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 3.9

Severity: HIGH

CVSS v3

Base Score: 7.8

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1.8

Severity: HIGH

Tenable Plugins


| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 154404 | EulerOS 2.0 SP3 : kernel (EulerOS-SA-2021-2588) | Nessus | Huawei Local Security Checks | high |
| 153692 | EulerOS 2.0 SP5 : kernel (EulerOS-SA-2021-2502) | Nessus | Huawei Local Security Checks | high |
| 153371 | RHEL 7 : kernel (RHSA-2021:3522) | Nessus | Red Hat Local Security Checks | high |
| 153370 | RHEL 7 : kpatch-patch (RHSA-2021:3523) | Nessus | Red Hat Local Security Checks | high |
| 153271 | EulerOS 2.0 SP2 : kernel (EulerOS-SA-2021-2392) | Nessus | Huawei Local Security Checks | high |
| 152977 | RHEL 7 : kernel (RHSA-2021:3399) | Nessus | Red Hat Local Security Checks | high |
| 152912 | Oracle Linux 6 : kernel (ELSA-2021-9434) | Nessus | Oracle Linux Local Security Checks | high |
| 151867 | RHEL 7 : kernel (RHSA-2021:2730) | Nessus | Red Hat Local Security Checks | high |
| 151858 | RHEL 7 : kernel (RHSA-2021:2732) | Nessus | Red Hat Local Security Checks | high |
| 151843 | RHEL 7 : kpatch-patch (RHSA-2021:2731) | Nessus | Red Hat Local Security Checks | high |
| 151842 | RHEL 7 : kernel (RHSA-2021:2733) | Nessus | Red Hat Local Security Checks | high |
| 151167 | EulerOS Virtualization for ARM 64 3.0.6.0 : kernel (EulerOS-SA-2021-2002) | Nessus | Huawei Local Security Checks | high |
| 150800 | Scientific Linux Security Update : kernel on SL7.x x86_64 (2021:2314) | Nessus | Scientific Linux Local Security Checks | high |
| 150770 | CentOS 7 : kernel (CESA-2021:2314) | Nessus | CentOS Local Security Checks | high |
| 150536 | SUSE SLES11 Security Update : kernel (SUSE-SU-2021:14630-1) | Nessus | SuSE Local Security Checks | high |
| 150447 | Oracle Linux 7 : kernel (ELSA-2021-2314) | Nessus | Oracle Linux Local Security Checks | high |
| 150380 | RHEL 7 : kernel-rt (RHSA-2021:2316) | Nessus | Red Hat Local Security Checks | high |
| 150379 | RHEL 7 : kernel (RHSA-2021:2314) | Nessus | Red Hat Local Security Checks | high |
| 150347 | RHEL 7 : kpatch-patch (RHSA-2021:2285) | Nessus | Red Hat Local Security Checks | high |
| 150214 | EulerOS 2.0 SP9 : kernel (EulerOS-SA-2021-1929) | Nessus | Huawei Local Security Checks | high |
| 150213 | EulerOS 2.0 SP9 : kernel (EulerOS-SA-2021-1950) | Nessus | Huawei Local Security Checks | high |
| 149904 | RHEL 8 : kernel (RHSA-2021:2106) | Nessus | Red Hat Local Security Checks | high |
| 149898 | RHEL 8 : kpatch-patch (RHSA-2021:2099) | Nessus | Red Hat Local Security Checks | high |
| 149607 | EulerOS 2.0 SP8 : kernel (EulerOS-SA-2021-1879) | Nessus | Huawei Local Security Checks | high |
| 149235 | RHEL 7 : kernel-alt (RHSA-2021:1379) | Nessus | Red Hat Local Security Checks | high |
| 148892 | RHEL 8 : kpatch-patch (RHSA-2021:1295) | Nessus | Red Hat Local Security Checks | high |
| 148877 | RHEL 8 : kernel-rt (RHSA-2021:1279) | Nessus | Red Hat Local Security Checks | high |
| 148876 | RHEL 8 : kernel (RHSA-2021:1272) | Nessus | Red Hat Local Security Checks | high |
| 148634 | EulerOS Virtualization 2.9.1 : kernel (EulerOS-SA-2021-1715) | Nessus | Huawei Local Security Checks | high |
| 148604 | EulerOS Virtualization 2.9.0 : kernel (EulerOS-SA-2021-1751) | Nessus | Huawei Local Security Checks | high |
| 148493 | Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4907-1) | Nessus | Ubuntu Local Security Checks | high |
| 148492 | Ubuntu 20.04 LTS / 20.10 : Linux kernel vulnerabilities (USN-4910-1) | Nessus | Ubuntu Local Security Checks | high |
| 148422 | CentOS 8 : kernel (CESA-2021:1093) | Nessus | CentOS Local Security Checks | high |
| 148371 | Oracle Linux 8 : kernel (ELSA-2021-1093) | Nessus | Oracle Linux Local Security Checks | high |
| 148370 | RHEL 8 : kernel (RHSA-2021:1093) | Nessus | Red Hat Local Security Checks | high |
| 148369 | RHEL 8 : kernel-rt (RHSA-2021:1081) | Nessus | Red Hat Local Security Checks | high |
| 148350 | Photon OS 4.0: Linux PHSA-2021-4.0-0007 | Nessus | PhotonOS Local Security Checks | high |
| 148003 | Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-4878-1) | Nessus | Ubuntu Local Security Checks | high |
| 147973 | Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-4884-1) | Nessus | Ubuntu Local Security Checks | high |
| 147871 | SUSE SLES12 Security Update : kernel (SUSE-SU-2021:0870-1) | Nessus | SuSE Local Security Checks | high |
| 147588 | EulerOS Virtualization for ARM 64 3.0.2.0 : kernel (EulerOS-SA-2021-1386) | Nessus | Huawei Local Security Checks | high |
| 147532 | Debian DLA-2586-1 : linux security update | Nessus | Debian Local Security Checks | high |
| 147205 | Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2021-9087) | Nessus | Oracle Linux Local Security Checks | high |
| 147204 | Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2021-9085) | Nessus | Oracle Linux Local Security Checks | high |
| 147203 | Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2021-9086) | Nessus | Oracle Linux Local Security Checks | high |
| 147202 | Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2021-9084) | Nessus | Oracle Linux Local Security Checks | high |
| 147000 | Photon OS 2.0: Linux PHSA-2021-2.0-0322 | Nessus | PhotonOS Local Security Checks | high |
| 146685 | SUSE SLES15 Security Update : kernel (SUSE-SU-2021:0532-1) | Nessus | SuSE Local Security Checks | high |
| 146631 | Amazon Linux 2 : kernel (ALAS-2021-1600) | Nessus | Amazon Linux Local Security Checks | high |
| 146569 | Amazon Linux AMI : kernel (ALAS-2021-1480) | Nessus | Amazon Linux Local Security Checks | high |
| 146512 | Debian DLA-2557-1 : linux-4.19 security update | Nessus | Debian Local Security Checks | high |
| 146511 | SUSE SLES12 Security Update : kernel (SUSE-SU-2021:0452-1) | Nessus | SuSE Local Security Checks | high |
| 146476 | SUSE SLES12 Security Update : kernel (SUSE-SU-2021:0437-1) | Nessus | SuSE Local Security Checks | high |
| 146474 | SUSE SLES15 Security Update : kernel (SUSE-SU-2021:0438-1) | Nessus | SuSE Local Security Checks | high |
| 146470 | SUSE SLES12 Security Update : kernel (SUSE-SU-2021:0434-1) | Nessus | SuSE Local Security Checks | high |
| 146406 | SUSE SLES15 Security Update : kernel (SUSE-SU-2021:0427-1) | Nessus | SuSE Local Security Checks | high |
| 146366 | SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:0354-1) | Nessus | SuSE Local Security Checks | high |
| 146362 | SUSE SLES12 Security Update : kernel (SUSE-SU-2021:0348-1) | Nessus | SuSE Local Security Checks | high |
| 146359 | SUSE SLES12 Security Update : kernel (SUSE-SU-2021:0353-1) | Nessus | SuSE Local Security Checks | high |
| 146293 | openSUSE Security Update : the Linux Kernel (openSUSE-2021-241) | Nessus | SuSE Local Security Checks | high |
| 146244 | Fedora 32 : kernel (2021-6e805a5051) | Nessus | Fedora Local Security Checks | high |
| 146234 | Fedora 33 : kernel (2021-879c756377) | Nessus | Fedora Local Security Checks | high |
| 146052 | Debian DSA-4843-1 : linux - security update | Nessus | Debian Local Security Checks | high |