Preface: Unlike Windows or macOS, which push software updates to users automatically, it is up to developers to look for Linux kernel updates on their own.
Background: The futex() system call provides a method for waiting until a certain condition becomes true. It is typically used as a blocking construct in the context of shared-memory synchronization. The kernel's pi-futex documentation describes the priority-inheritance (PI) variant this way:
- in the user-space fastpath a PI-enabled futex involves no kernel work (or any other PI complexity) at all. No registration, no extra kernel calls – just pure fast atomic ops in userspace.
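The fast path the documentation describes can be seen in a small PI-futex mutex. The code below is an added example, not code from the original post or from the kernel tree; it follows the documented protocol (uncontended lock and unlock are one atomic compare-and-swap in userspace, contention enters the kernel through FUTEX_LOCK_PI and FUTEX_UNLOCK_PI), and the names pi_lock, pi_unlock and run_demo are this example's own. It is Linux-only.

```c
// Added example, not code from the original post or from the kernel tree: a
// minimal PI-futex mutex following the protocol in the kernel's pi-futex
// documentation. The uncontended lock and unlock are a single atomic
// compare-and-swap in userspace; only contention enters the kernel through
// FUTEX_LOCK_PI / FUTEX_UNLOCK_PI. Function names (pi_lock, pi_unlock,
// run_demo) are this example's own. Linux-only.
#include <errno.h>
#include <linux/futex.h>
#include <pthread.h>
#include <stdatomic.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <unistd.h>

// The futex word: 0 = unlocked, otherwise the owner's TID, possibly with
// FUTEX_WAITERS set by the kernel while other threads are queued on it.
static _Atomic uint32_t lock_word = 0;
static long protected_counter = 0;   // shared data guarded by the lock

// Cached thread id so the fast path makes no system call at all.
static _Thread_local uint32_t cached_tid = 0;

static uint32_t my_tid(void)
{
    if (cached_tid == 0)
        cached_tid = (uint32_t)syscall(SYS_gettid);
    return cached_tid;
}

static long futex_op(_Atomic uint32_t *addr, int op)
{
    // val, timeout, uaddr2 and val3 are unused by LOCK_PI / UNLOCK_PI
    return syscall(SYS_futex, addr, op, 0, NULL, NULL, 0);
}

// Lock: fast path is CAS 0 -> TID. If that fails the lock is held, so ask
// the kernel to queue us with priority inheritance; on success the kernel
// has already written our TID (plus FUTEX_WAITERS if others wait) into the word.
static int pi_lock(void)
{
    uint32_t expected = 0;
    if (atomic_compare_exchange_strong(&lock_word, &expected, my_tid()))
        return 0;
    for (;;) {
        if (futex_op(&lock_word, FUTEX_LOCK_PI) == 0)
            return 0;
        if (errno != EINTR)   // retry only when interrupted by a signal
            return -1;
    }
}

// Unlock: fast path is CAS TID -> 0. If FUTEX_WAITERS is set the CAS fails
// and FUTEX_UNLOCK_PI hands the lock to the highest-priority waiter.
static void pi_unlock(void)
{
    uint32_t expected = my_tid();
    if (atomic_compare_exchange_strong(&lock_word, &expected, 0))
        return;
    futex_op(&lock_word, FUTEX_UNLOCK_PI);
}

struct worker_args { int iterations; int failed; };

static void *worker(void *arg)
{
    struct worker_args *wa = arg;
    for (int i = 0; i < wa->iterations; i++) {
        if (pi_lock() != 0) { wa->failed = 1; return NULL; }
        protected_counter++;          // the critical section
        pi_unlock();
    }
    return NULL;
}

// Runs nthreads workers, each taking the lock `iterations` times, and returns
// the final counter (nthreads * iterations if the lock worked), or -1 on error.
long run_demo(int nthreads, int iterations)
{
    pthread_t tids[nthreads];
    struct worker_args args[nthreads];
    int created = 0, failed = 0;
    protected_counter = 0;
    atomic_store(&lock_word, 0);
    for (int i = 0; i < nthreads; i++) {
        args[i].iterations = iterations;
        args[i].failed = 0;
        if (pthread_create(&tids[i], NULL, worker, &args[i]) != 0) {
            failed = 1;
            break;
        }
        created++;
    }
    for (int i = 0; i < created; i++) {
        pthread_join(tids[i], NULL);
        failed |= args[i].failed;
    }
    return (failed || created != nthreads) ? -1 : protected_counter;
}

int main(void)
{
    printf("counter = %ld (expected 20000)\n", run_demo(4, 5000));
    return 0;
}
```

With four threads hammering the same lock the CAS in pi_lock fails often, so the slow path (FUTEX_LOCK_PI) and the matching FUTEX_UNLOCK_PI are exercised; the counter coming out exactly at nthreads × iterations is the check that the lock actually serialized the critical section. The kernel-side fault handling in futex_lock_pi that this code depends on is the code path the vulnerability below concerns.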
Vulnerability details: An issue was discovered in the Linux kernel in versions through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to execute code in the kernel (aka CID-34b1a1ce1458). See whether the attached diagram gives you hints on the matter.
Remedy: Fix fault handling in futex_lock_pi. Distribution kernels usually receive this kind of fix as a backport, so check your distribution's advisory for the patched package rather than relying on the upstream version number alone. For official details, refer to the following link – https://nvd.nist.gov/vuln/detail/CVE-2021-3347
Comments: Perhaps you have doubts once you are aware of this vulnerability? Can we maintain the statement that Linux is more secure than the Windows OS? But don’t forget that hackers like Microsoft.