製品・ソフトウェアに関する情報

JVN脆弱性詳細

Linux Kernel における解放済みメモリの使用に関する脆弱性

タイトル	Linux Kernel における解放済みメモリの使用に関する脆弱性
概要	Linux Kernel には、解放済みメモリの使用に関する脆弱性が存在します。ベンダは、本脆弱性を CID-34b1a1ce1458 として公開しています。
想定される影響	情報を取得される、情報を改ざんされる、およびサービス運用妨害 (DoS) 状態にされる可能性があります。
対策	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
公表日	2021年1月26日0:00
登録日	2021年10月14日18:09
最終更新日	2021年10月14日18:09

CVSS3.0 : 重要
スコア	7.8
ベクター	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS2.0 : 危険
スコア	7.2
ベクター	AV:L/AC:L/Au:N/C:C/I:C/A:C

影響を受けるシステム

Debian

Debian GNU/Linux

Fedora Project

Fedora

Linux

Linux Kernel 5.10.11 まで

CVE (情報セキュリティ共通脆弱性識別子)

No	名前	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2021-3347	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3347
National Vulnerability Database (NVD)
2	CVE-2021-3347	https://nvd.nist.gov/vuln/detail/CVE-2021-3347

CWE (共通脆弱性タイプ一覧)

No	名前	URL
JVNDB
1	CWE-416	https://cwe.mitre.org/data/definitions/416.html

ベンダー情報

No	名前	URL
Debian
1	[SECURITY] [DLA 2557-1] linux-4.19 security update	https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html
2	[SECURITY] [DLA 2586-1] linux security update	https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html
Debian Security Advisory
3	DSA-4843-1	https://www.debian.org/security/2021/dsa-4843
Fedora Update Notification
4	FEDORA-2021-6e805a5051	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CXAVDAK4RLAHBHHGEPL73UFXSI6BXQ7Q/
5	FEDORA-2021-879c756377	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QOBMXDJABYE76RKNBAWA2E4TSSBX7CSJ/
Linux kernel source tree
6	futex: Ensure the correct return value from futex_lock_pi()	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=12bb3f7f1b03d5913b3f9d4236a488aa7774dfe9
7	futex: Handle faults correctly for PI futexes	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=34b1a1ce1458f50ef27c54e28eb9b1947012907a
8	futex: Provide and use pi_state_update_owner()	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c5cade200ab9a2a3be9e7f32a752c8d86b502ec7
9	futex: Replace pointless printk in fixup_owner()	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=04b79c55201f02ffd675e1231d731365e335c307
10	futex: Simplify fixup_pi_state_owner()	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f2dac39d93987f7de1e20b3988c8685523247ae2
11	futex: Use pi_state_update_owner() in put_pi_state()	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6ccc84f917d33312eb2846bd7b567639f585ad6d
12	Merge tag 'locking-urgent-2021-01-28' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c64396cc36c6e60704ab06c1fb1c4a46179c9120
13	rtmutex: Remove unused argument from rt_mutex_proxy_unlock()	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2156ac1934166d6deb6cd0f6ffc4c1076ec63697

その他

No	名前	URL
関連文書
1	Re: Linux Kernel: local priv escalation via futexes	https://www.openwall.com/lists/oss-security/2021/01/29/4

変更履歴

No	変更内容	変更日
1	[2021年10月14日] 掲載	2021年10月14日18:09

NVD脆弱性情報

CVE-2021-3347

概要	An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to execute code in the kernel, aka CID-34b1a1ce1458.
公表日	2021年1月30日2:15
登録日	2021年1月30日10:01
最終更新日	2024年11月21日15:21

影響を受けるソフトウェアの構成

構成1		以上	以下	より上	未満
cpe:2.3:o:linux:linux_kernel::::::::			5.10.11

構成2	以上	以下	より上	未満
cpe:2.3:o:debian:debian_linux:9.0:::::::*
cpe:2.3:o:debian:debian_linux:10.0:::::::*

構成3	以上	以下	より上	未満
cpe:2.3:o:fedoraproject:fedora:32:::::::*
cpe:2.3:o:fedoraproject:fedora:33:::::::*

関連情報、対策とツール

No	URL	タグ
1	http://www.openwall.com/lists/oss-security/2021/01/29/4	Mailing List Third Party Advisory
2	http://www.openwall.com/lists/oss-security/2021/01/29/4	Mailing List Third Party Advisory
3	http://www.openwall.com/lists/oss-security/2021/01/29/5	Mailing List Third Party Advisory
4	http://www.openwall.com/lists/oss-security/2021/01/29/5	Mailing List Third Party Advisory
5	http://www.openwall.com/lists/oss-security/2021/02/01/4	Exploit Mailing List Third Party Advisory
6	http://www.openwall.com/lists/oss-security/2021/02/01/4	Exploit Mailing List Third Party Advisory
7	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=04b79c55201f02ffd675e1231d731365e335c307	Mailing List Patch Vendor Advisory
8	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=04b79c55201f02ffd675e1231d731365e335c307	Mailing List Patch Vendor Advisory
9	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=12bb3f7f1b03d5913b3f9d4236a488aa7774dfe9	Mailing List Patch Vendor Advisory
10	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=12bb3f7f1b03d5913b3f9d4236a488aa7774dfe9	Mailing List Patch Vendor Advisory
11	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2156ac1934166d6deb6cd0f6ffc4c1076ec63697	Mailing List Patch Vendor Advisory
12	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2156ac1934166d6deb6cd0f6ffc4c1076ec63697	Mailing List Patch Vendor Advisory
13	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=34b1a1ce1458f50ef27c54e28eb9b1947012907a	Mailing List Patch Vendor Advisory
14	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=34b1a1ce1458f50ef27c54e28eb9b1947012907a	Mailing List Patch Vendor Advisory
15	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6ccc84f917d33312eb2846bd7b567639f585ad6d	Mailing List Patch Vendor Advisory
16	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6ccc84f917d33312eb2846bd7b567639f585ad6d	Mailing List Patch Vendor Advisory
17	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c5cade200ab9a2a3be9e7f32a752c8d86b502ec7	Mailing List Patch Vendor Advisory
18	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c5cade200ab9a2a3be9e7f32a752c8d86b502ec7	Mailing List Patch Vendor Advisory
19	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c64396cc36c6e60704ab06c1fb1c4a46179c9120	Mailing List Patch Vendor Advisory
20	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c64396cc36c6e60704ab06c1fb1c4a46179c9120	Mailing List Patch Vendor Advisory
21	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f2dac39d93987f7de1e20b3988c8685523247ae2	Mailing List Patch Vendor Advisory
22	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f2dac39d93987f7de1e20b3988c8685523247ae2	Mailing List Patch Vendor Advisory
23	https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html	Mailing List Third Party Advisory
24	https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html	Mailing List Third Party Advisory
25	https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html	Mailing List Third Party Advisory
26	https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html	Mailing List Third Party Advisory
27	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CXAVDAK4RLAHBHHGEPL73UFXSI6BXQ7Q/
28	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CXAVDAK4RLAHBHHGEPL73UFXSI6BXQ7Q/
29	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QOBMXDJABYE76RKNBAWA2E4TSSBX7CSJ/
30	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QOBMXDJABYE76RKNBAWA2E4TSSBX7CSJ/
31	https://security.netapp.com/advisory/ntap-20210304-0005/	Third Party Advisory
32	https://security.netapp.com/advisory/ntap-20210304-0005/	Third Party Advisory
33	https://www.debian.org/security/2021/dsa-4843	Third Party Advisory
34	https://www.debian.org/security/2021/dsa-4843	Third Party Advisory
35	https://www.openwall.com/lists/oss-security/2021/01/29/1	Mailing List Third Party Advisory
36	https://www.openwall.com/lists/oss-security/2021/01/29/1	Mailing List Third Party Advisory
37	https://www.openwall.com/lists/oss-security/2021/01/29/3	Mailing List Third Party Advisory
38	https://www.openwall.com/lists/oss-security/2021/01/29/3	Mailing List Third Party Advisory

共通脆弱性一覧

No	CWE	名前	URL
1	CWE-416	解放済みメモリの使用	https://cwe.mitre.org/data/definitions/416.html