Skip to main content

Early Access — Mondoo Vulnerability Intelligence is currently in preview.

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

CVE-2021-3347

HIGH7.8

An issue was discovered in the Linux kernel through 5

Published Jan 29, 2021

Modified 5 months ago

No fix available

Details

An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to execute code in the kernel, aka CID-34b1a1ce1458.

References

WEBhttp://www.openwall.com/lists/oss-security/2021/01/29/4 WEBhttp://www.openwall.com/lists/oss-security/2021/01/29/5 WEBhttp://www.openwall.com/lists/oss-security/2021/02/01/4 WEBhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=04b79c55201f02ffd675e1231d731365e335c307 WEBhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=12bb3f7f1b03d5913b3f9d4236a488aa7774dfe9 WEBhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2156ac1934166d6deb6cd0f6ffc4c1076ec63697 WEBhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=34b1a1ce1458f50ef27c54e28eb9b1947012907a WEBhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6ccc84f917d33312eb2846bd7b567639f585ad6d WEBhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c5cade200ab9a2a3be9e7f32a752c8d86b502ec7 WEBhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c64396cc36c6e60704ab06c1fb1c4a46179c9120 WEBhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f2dac39d93987f7de1e20b3988c8685523247ae2 WEBhttps://lists.debian.org/debian-lts-announce/2021/02/msg00018.html WEBhttps://lists.debian.org/debian-lts-announce/2021/03/msg00010.html ADVISORYhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CXAVDAK4RLAHBHHGEPL73UFXSI6BXQ7Q/ADVISORYhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QOBMXDJABYE76RKNBAWA2E4TSSBX7CSJ/WEBhttps://security.netapp.com/advisory/ntap-20210304-0005/ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2021-3347 ADVISORYhttps://www.debian.org/security/2021/dsa-4843 WEBhttps://www.openwall.com/lists/oss-security/2021/01/29/1 WEBhttps://www.openwall.com/lists/oss-security/2021/01/29/3

CVSS Analysis

CVSS v3.1

7.8

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

Scope

UnchangedS:U

Impact

Confidentiality

HighC:H

Integrity

HighI:H

Availability

HighA:H

7.8/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Ecosystems

Timeline

PublishedJan 29, 2021

ModifiedJul 24, 2025

CVE-2021-3347 | Mondoo Vulnerability Intelligence