See https://www.openwall.com/lists/oss-security/2021/01/29/1
This is affecting 5.10.11 as far as I can see
from: https://nvd.nist.gov/vuln/detail/CVE-2021-3347 "An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to execute code in the kernel, aka CID-34b1a1ce1458."
Based on current knowledge, the complexity to exploit this is *very* high so thatt he highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
*** Bug 768045 has been marked as a duplicate of this bug. ***
Package list is empty or all packages have requested keywords.
(In reply to Thomas Deutschmann from comment #3) > Based on current knowledge, the complexity to exploit this is *very* high so > thatt he highest threat from this vulnerability is to data confidentiality > and integrity as well as system availability. Isn't that all three ways a vulnerability can affect something? Anyway, fixed kernels appear to be 4.9.257, 4.14.218, 4.19.172, 5.4.94, 5.10.12, and we've been fixed for a while