Bug 1922249 (CVE-2021-3347) - CVE-2021-3347 kernel: Use after free via PI futex state
Summary: CVE-2021-3347 kernel: Use after free via PI futex state
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2021-3347
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: high
Severity: high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1922251 1924629 1924630 1924631 1924632 1924633 1924635 1924636 1924637 1924638 1924639 1924640 1925100 1925101 1925102 1925106 1935103 1935104 1935105 1935106 1935107 1935108 1935109 1935110 1935111 1935112 1935113 1935114 1935115 1935116 1935117 1935118 1949012 1949013 1949014 1949015
Blocks: 1922250
Reported: 2021-01-29 14:18 UTC by Pedro Sampaio
Modified: 2022-04-17 21:07 UTC

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in the Linux kernel. A use-after-free memory flaw in the Fast Userspace Mutexes functionality allows a local user to crash the system or escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Clone Of:
Environment:
Last Closed: 2021-04-06 17:35:28 UTC
Embargoed:




Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2021:2362 0 None None None 2021-06-09 11:51:37 UTC
Red Hat Product Errata RHBA-2021:2494 0 None None None 2021-06-21 05:38:50 UTC
Red Hat Product Errata RHSA-2021:2285 0 None None None 2021-06-08 09:10:05 UTC
Red Hat Product Errata RHSA-2021:2314 0 None None None 2021-06-08 22:31:23 UTC
Red Hat Product Errata RHSA-2021:2316 0 None None None 2021-06-08 22:32:48 UTC
Red Hat Product Errata RHSA-2021:2730 0 None None None 2021-07-20 21:24:41 UTC
Red Hat Product Errata RHSA-2021:2731 0 None None None 2021-07-21 00:02:11 UTC
Red Hat Product Errata RHSA-2021:2732 0 None None None 2021-07-20 21:15:36 UTC
Red Hat Product Errata RHSA-2021:2733 0 None None None 2021-07-20 20:20:54 UTC
Red Hat Product Errata RHSA-2021:2735 0 None None None 2021-07-20 20:54:21 UTC
Red Hat Product Errata RHSA-2021:3399 0 None None None 2021-08-31 19:45:11 UTC
Red Hat Product Errata RHSA-2021:3522 0 None None None 2021-09-14 08:44:23 UTC
Red Hat Product Errata RHSA-2021:3523 0 None None None 2021-09-14 08:44:51 UTC

Description Pedro Sampaio 2021-01-29 14:18:30 UTC
A flaw was found in the Linux kernel. A use after free issue in PI futex may lead to code execution.

Upstream patch:

https://github.com/torvalds/linux/commit/c64396cc36c6e60704ab06c1fb1c4a46179c9120

References:

https://www.openwall.com/lists/oss-security/2021/01/29/1

Comment 1 Pedro Sampaio 2021-01-29 14:20:01 UTC
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 1922251]

Comment 11 Fedora Update System 2021-02-05 01:32:33 UTC
FEDORA-2021-6e805a5051 has been pushed to the Fedora 32 stable repository.
If the problem still persists, please make a note of it in this bug report.

Comment 12 Fedora Update System 2021-02-05 01:58:31 UTC
FEDORA-2021-879c756377 has been pushed to the Fedora 33 stable repository.
If the problem still persists, please make a note of it in this bug report.

Comment 15 errata-xmlrpc 2021-04-06 13:58:12 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2021:1081 https://access.redhat.com/errata/RHSA-2021:1081

Comment 16 errata-xmlrpc 2021-04-06 14:17:06 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2021:1093 https://access.redhat.com/errata/RHSA-2021:1093

Comment 18 Product Security DevOps Team 2021-04-06 17:35:28 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2021-3347

Comment 19 Product Security DevOps Team 2021-04-06 23:35:20 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2021-3347

Comment 21 errata-xmlrpc 2021-04-20 13:02:32 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Extended Update Support

Via RHSA-2021:1279 https://access.redhat.com/errata/RHSA-2021:1279

Comment 22 errata-xmlrpc 2021-04-20 13:16:36 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Extended Update Support

Via RHSA-2021:1272 https://access.redhat.com/errata/RHSA-2021:1272

Comment 23 errata-xmlrpc 2021-04-20 20:46:58 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Extended Update Support

Via RHSA-2021:1295 https://access.redhat.com/errata/RHSA-2021:1295

Comment 24 errata-xmlrpc 2021-04-27 07:21:05 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2021:1379 https://access.redhat.com/errata/RHSA-2021:1379

Comment 25 errata-xmlrpc 2021-05-25 06:43:28 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Extended Update Support

Via RHSA-2021:2099 https://access.redhat.com/errata/RHSA-2021:2099

Comment 26 errata-xmlrpc 2021-05-25 15:54:03 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Extended Update Support

Via RHSA-2021:2106 https://access.redhat.com/errata/RHSA-2021:2106

Comment 27 errata-xmlrpc 2021-06-08 09:09:58 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2021:2285 https://access.redhat.com/errata/RHSA-2021:2285

Comment 28 errata-xmlrpc 2021-06-08 22:31:19 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2021:2314 https://access.redhat.com/errata/RHSA-2021:2314

Comment 29 errata-xmlrpc 2021-06-08 22:32:45 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2021:2316 https://access.redhat.com/errata/RHSA-2021:2316

Comment 30 errata-xmlrpc 2021-07-20 20:20:53 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.3 Advanced Update Support

Via RHSA-2021:2733 https://access.redhat.com/errata/RHSA-2021:2733

Comment 31 errata-xmlrpc 2021-07-20 20:54:20 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6 Extended Lifecycle Support

Via RHSA-2021:2735 https://access.redhat.com/errata/RHSA-2021:2735

Comment 32 errata-xmlrpc 2021-07-20 21:15:35 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.4 Advanced Update Support
  Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions
  Red Hat Enterprise Linux 7.4 Telco Extended Update Support

Via RHSA-2021:2732 https://access.redhat.com/errata/RHSA-2021:2732

Comment 33 errata-xmlrpc 2021-07-20 21:24:40 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.6 Advanced Update Support
  Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 7.6 Telco Extended Update Support

Via RHSA-2021:2730 https://access.redhat.com/errata/RHSA-2021:2730

Comment 34 errata-xmlrpc 2021-07-21 00:02:10 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions

Via RHSA-2021:2731 https://access.redhat.com/errata/RHSA-2021:2731

Comment 36 errata-xmlrpc 2021-08-31 19:45:07 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.2 Advanced Update Support

Via RHSA-2021:3399 https://access.redhat.com/errata/RHSA-2021:3399

Comment 37 errata-xmlrpc 2021-09-14 08:44:19 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.7 Advanced Update Support
  Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions
  Red Hat Enterprise Linux 7.7 Telco Extended Update Support

Via RHSA-2021:3522 https://access.redhat.com/errata/RHSA-2021:3522

Comment 38 errata-xmlrpc 2021-09-14 08:44:47 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions

Via RHSA-2021:3523 https://access.redhat.com/errata/RHSA-2021:3523

