February 2, 2021 - TuxCare expert team
A new Linux kernel vulnerability was announced very recently. It has been assigned CVE-2021-3347 and is (yet another) futex-related vulnerability.
The notable aspect of this vulnerability is that it affects every kernel from 2008 onwards, up to and including version 5.10.11. That is basically anything running today: every kernel version on every distribution. Exploit details and PoC code are still not publicly available, but that does not guarantee they don’t already exist in the wild.
/* “The futexes are also cursed.”
* “But they come in a choice of three flavours!”
*/
(from the futex.c comments)
Futex-related exploits are nothing new and have been a source of grief for sysadmins everywhere over the years. The futex code was originally created to support mutex usage across the kernel/userspace boundary, but the logic quickly gained complexity, and many of its edge cases have turned out to cause security issues.
A working exploit can lead to memory corruption through a use-after-free, which in turn can lead to privilege escalation, information exfiltration and the usual set of nasty events you don’t want your servers subjected to. Adding insult to injury, it has been classified as easy to exploit and possible to exploit remotely.
If you’re running KernelCare, we have already started rolling out patches for Ubuntu Focal Fossa, Oracle EL 8 and Red Hat EL 8, so your systems should be receiving them soon. Other supported systems will follow shortly. We will also publish more detailed information about this vulnerability in an upcoming blog post, but given the wide range of affected distributions and the high potential for risk, we are providing this quick brief to raise awareness of the dangers pending further details.
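As an added triage aid (not part of this TuxCare post or of KernelCare), the following POSIX shell script flags a kernel whose upstream version string is below 5.10.11, the first fixed release named above. The sample `uname -r` strings are constructed; note the caveat in the comments that distribution kernels backport fixes and live patches do not change `uname -r`, so a flagged kernel means "check your vendor advisory or patch status", not "confirmed vulnerable".

```shell
#!/bin/sh
# Added example, not from the TuxCare post. Flags kernels whose upstream
# version is below 5.10.11 (the fix release for CVE-2021-3347 named above).
# Caveat: distro kernels such as 4.18.0-*.el8 backport fixes, and live
# patching does not alter uname -r, so "possibly affected" is a prompt to
# verify vendor advisories / patch status, not a confirmation.

FIXED_MAJOR=5; FIXED_MINOR=10; FIXED_PATCH=11

# Split "5.4.0-65-generic" into "5 4 0"; a missing patch level counts as 0.
parse_kver() {
    base=${1%%-*}               # drop "-65-generic", "-240.el8.x86_64", "-rc6"
    base=${base%%+*}            # drop local "+..." suffixes
    major=${base%%.*}
    rest=${base#*.}
    [ "$rest" = "$base" ] && rest=0
    minor=${rest%%.*}
    patch=${rest#*.}
    [ "$patch" = "$rest" ] && patch=0
    patch=${patch%%[!0-9]*}     # keep leading digits only (e.g. "11rc1" -> 11)
    echo "$major ${minor:-0} ${patch:-0}"
}

# Returns 0 (true) when the version is strictly below 5.10.11, 1 otherwise.
kernel_possibly_affected() {
    set -- $(parse_kver "$1")
    [ "$1" -lt "$FIXED_MAJOR" ] && return 0
    [ "$1" -gt "$FIXED_MAJOR" ] && return 1
    [ "$2" -lt "$FIXED_MINOR" ] && return 0
    [ "$2" -gt "$FIXED_MINOR" ] && return 1
    [ "$3" -lt "$FIXED_PATCH" ]
}

report() {
    if kernel_possibly_affected "$1"; then
        echo "$1: possibly affected (< 5.10.11) - verify vendor backport / live patch status"
    else
        echo "$1: at or above 5.10.11"
    fi
}

# Constructed sample uname -r strings, then the running kernel.
for v in 4.18.0-240.el8.x86_64 5.4.0-65-generic 5.10.11-arch1-1 5.11.0-rc6; do
    report "$v"
done
report "$(uname -r)"
```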