CVE-2021-3347: Use After Free

Published Jan 28, 2021
·
Updated

A flaw was found in the Linux kernel. A use after free issue in PI futex may lead to code execution.

Upstream patch:

https://github.com/torvalds/linux/commit/c64396cc36c6e60704ab06c1fb1c4a46179c9120

References:

https://www.openwall.com/lists/oss-security/2021/01/29/1

Other sources

A flaw was found in the Linux kernel. A use-after-free memory flaw in the Fast Userspace Mutexes functionality allowing a local user to crash the system or escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to execute code in the kernel, aka CID-34b1a1ce1458.

Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a kernel stack use-after-free during fault handling in PI futexes. An attacker could exploit this vulnerability to gain elevated privileges and execute arbitrary code in the kernel.

IBM

Affected Software

22 affected componentsFixes available
redhat/kernel<0:2.6.32-754.41.2.el6
0:2.6.32-754.41.2.el6
redhat/kernel-rt<0:3.10.0-1160.31.1.rt56.1169.el7
0:3.10.0-1160.31.1.rt56.1169.el7
redhat/kernel-alt<0:4.14.0-115.36.1.el7a
0:4.14.0-115.36.1.el7a
redhat/kernel<0:3.10.0-1160.31.1.el7
0:3.10.0-1160.31.1.el7
redhat/kernel<0:3.10.0-327.100.1.el7
0:3.10.0-327.100.1.el7
redhat/kernel<0:3.10.0-514.90.2.el7
0:3.10.0-514.90.2.el7
redhat/kernel<0:3.10.0-693.90.2.el7
0:3.10.0-693.90.2.el7
redhat/kernel<0:3.10.0-957.78.2.el7
0:3.10.0-957.78.2.el7
redhat/kernel<0:3.10.0-1062.56.1.el7
0:3.10.0-1062.56.1.el7
redhat/kernel-rt<0:4.18.0-240.22.1.rt7.77.el8_3
0:4.18.0-240.22.1.rt7.77.el8_3
redhat/kernel<0:4.18.0-240.22.1.el8_3
0:4.18.0-240.22.1.el8_3
redhat/kernel<0:4.18.0-147.48.1.el8_1
0:4.18.0-147.48.1.el8_1
redhat/kernel-rt<0:4.18.0-193.51.1.rt13.101.el8_2
0:4.18.0-193.51.1.rt13.101.el8_2
redhat/kernel<0:4.18.0-193.51.1.el8_2
0:4.18.0-193.51.1.el8_2
IBM DRM<=2.0.6
Google Android
Linux Linux kernel<=5.10.11
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=32
Fedoraproject Fedora=33
debian/linux
5.10.223-15.10.234-16.1.129-16.1.135-16.12.25-16.12.27-1

Remediation

Patch Available

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=04b79c55201f02ffd675e1231d731365e335c307

Patch Available

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=12bb3f7f1b03d5913b3f9d4236a488aa7774dfe9

Patch Available

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2156ac1934166d6deb6cd0f6ffc4c1076ec63697

Patch Available

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=34b1a1ce1458f50ef27c54e28eb9b1947012907a

Patch Available

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6ccc84f917d33312eb2846bd7b567639f585ad6d

Patch Available

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c5cade200ab9a2a3be9e7f32a752c8d86b502ec7

Patch Available

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c64396cc36c6e60704ab06c1fb1c4a46179c9120

Patch Available

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f2dac39d93987f7de1e20b3988c8685523247ae2

Event History

Jan 28, 2021
CVE Published
12:00 AM
Jan 29, 2021
Data Sourced
via Red Hat·02:18 PM
DescriptionSeverityAffected Software
CVE Published
via MITRE·04:56 PM
Data Sourced
via MITRE·04:56 PM
Description
Data Sourced
via NVD·05:15 PM
RemedyDescriptionSeverityWeaknessAffected Software
Aug 2, 2021
Data Sourced
via Android·12:00 AM
SeverityWeaknessAffected Software
Jan 11, 2024
Data Sourced
via Launchpad·11:57 PM
Description
Apr 28, 2025
Data Sourced
via Ubuntu·04:30 AM
RemedyDescriptionSeverityAffected Software

Parent advisories

This vulnerability appears in the following advisories.

Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Frequently Asked Questions

1

What is the severity of CVE-2021-3347?

CVE-2021-3347 has a high severity level due to the potential for code execution through a use after free vulnerability.

2

How do I fix CVE-2021-3347?

To fix CVE-2021-3347, apply the latest kernel patches and updates provided by your distribution.

3

Which Linux versions are affected by CVE-2021-3347?

CVE-2021-3347 affects multiple versions of the Linux kernel, particularly those prior to the patched versions listed by Red Hat and other distributions.

4

What are the potential impacts of CVE-2021-3347?

The potential impacts of CVE-2021-3347 include arbitrary code execution, which could lead to system compromise or unauthorized access.

5

Is there an exploit available for CVE-2021-3347?

At the time of reporting, there was potential for exploitation, but specific exploit details require careful management to prevent misuse.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203