CVE-2021-3347

HIGH

Linux Kernel < 5.10.11 - Use-After-Free in PI Futex Fault Handling

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-3347. PoCs published by nanopathi.

AI-analyzed exploit summary The repository contains only documentation and build configuration files for Linux kernel 4.19.72, with no actual exploit code or technical details related to CVE-2021-3347. The presence of Travis CI and Docker setup suggests a placeholder or incomplete project.

Description

An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to execute code in the kernel, aka CID-34b1a1ce1458.

Exploits (1)

nomisec STUB
by nanopathi · poc
https://github.com/nanopathi/linux-4.19.72_CVE-2021-3347

The repository contains only documentation and build configuration files for Linux kernel 4.19.72, with no actual exploit code or technical details related to CVE-2021-3347. The presence of Travis CI and Docker setup suggests a placeholder or incomplete project.

Classification
Stub 90%
Attack Type
Other
Complexity
N/a
Reliability
Theoretical
Target: Linux kernel 4.19.72
No auth needed
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (19)

Core 19
Core References
Mailing List, Third Party Advisory x_refsource_misc
https://www.openwall.com/lists/oss-security/2021/01/29/3
Mailing List, Third Party Advisory x_refsource_misc
https://www.openwall.com/lists/oss-security/2021/01/29/1
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2021/01/29/5
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2021/01/29/4
Exploit, Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2021/02/01/4
Third Party Advisory vendor-advisory x_refsource_debian
https://www.debian.org/security/2021/dsa-4843
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20210304-0005/
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html

Scores

CVSS v3 7.8
EPSS 0.0137
EPSS Percentile 68.2%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-416
Status published
Products (5)
debian/debian_linux 9.0
debian/debian_linux 10.0
fedoraproject/fedora 32
fedoraproject/fedora 33
linux/linux_kernel < 5.10.11
Published Jan 29, 2021
Tracked Since Feb 18, 2026