Qualys, Inc. discovered a critical vulnerability that affects multiple Linux
distribution. This vulnerability named Mutagen Astronomy allows an attacker to gain complete control of a targeted system through root access. This Linux vulnerability adversely impacts all current versions of Red Hat, Debian, and CentOS distributions.
Mutagen Astronomy – Vulnerability Giving Root Access To Hackers
Researchers at Qualys have discovered a critical security vulnerability that adversely affects multiple Linux distributions. The Local privilege escalation vulnerability named ‘Mutagen Astronomy’ lets an attacker gain root access to a vulnerable system. This allows getting complete control of an affected system.
“We discovered an integer overflow in the Linux kernel’s create_elf_tables() function: on a 64-bit system, a local attacker can exploit this vulnerability via a SUID-root binary and obtain full root privileges.”
Mutagen Astronomy has been assigned with CVE number CVE-2018-14634, achieving a base score of 7.8 with a high severity level. The vulnerability affects multiple Linux distros including Red Hat Enterprise Linux, Debian, and CentOS. As explained by the researchers,
“Only kernels with commit b6a2fea39318 (“mm: variable length argument support”, from July 19, 2007) but without commit da029c11e6b1 (“exec: Limit arg stack to at most 75% of _STK_LIM”, from July 7, 2017) are exploitable.
Most Linux distributions backported commit da029c11e6b1 to their long-term-supported kernels, but Red Hat Enterprise Linux and Cent-OS (and Debian 8, the current “old-stable” version) have not, and are therefore vulnerable and exploitable.”
Patch Released By Red Hat
Red Hat, Inc. is an American multinational software company said that the
vulnerability affects Linux kernel versions with MRG 2 and RHEL 6, 7. However, kernel version RHEL 5 unaffected by the flaw.
- This vulnerability does not affect systems with 32-bit or less due to limited memory.
A patch for this vulnerability already existed and back-ported by most
distribution . However, since the vulnerable distribution didn’t update. Now, Red Hat has also given mitigation’s regarding the flaw, and has also released patches for RHEL 7 kernel. Whereas, patch for RHEL 6 is awaited
Note: Systems with less than 32GB of RAM are unlikely to be affected by this issue, due to memory demands during exploitation.
VULNERABLITY PUBLISHED DATE – 2018-09-26
YOU CAN ALSO CHECK IN EXPLOIT-DB
|EDB-ID: 45516||Author: Qualys Corporation||Published: 2018-09-26|
|CVE: CVE-2018-14634||Type: Local||Platform: Linux|
|Aliases: N/A||Advisory/Source: Link||Tags: N/A|
|E-DB Verified:||Exploit: Download / View Raw||Vulnerable App: N/A|