Researchers have discovered a critical vulnerability that allegedly affects multiple Linux distros. The vulnerability named Mutagen Astronomy allows an attacker to gain complete control of a targeted system through root access. This Linux vulnerability adversely impacts all current versions of Red Hat, Debian, and CentOS distributions.
Mutagen Astronomy – Vulnerability Giving Root Access To Hackers
Researchers at Qualys have discovered a critical security vulnerability that adversely affects multiple Linux distributions. The privilege escalation vulnerability named ‘Mutagen Astronomy’ lets an attacker gain root access to a vulnerable system. This allows getting complete control of an affected system.
As described in the Qualys security advisory,
“We discovered an integer overflow in the Linux kernel’s create_elf_tables() function: on a 64-bit system, a local attacker can exploit this vulnerability via a SUID-root binary and obtain full root privileges.”
Mutagen Astronomy has been assigned with CVE number CVE-2018-14634, achieving a base score of 7.8 with a high severity level. The vulnerability affects multiple Linux distros including Red Hat Enterprise Linux, Debian, and CentOS. As explained by the researchers,
“Only kernels with commit b6a2fea39318 (“mm: variable length argument support”, from July 19, 2007) but without commit da029c11e6b1 (“exec: Limit arg stack to at most 75% of _STK_LIM”, from July 7, 2017) are exploitable.
Most Linux distributions backported commit da029c11e6b1 to their long-term-supported kernels, but Red Hat Enterprise Linux and CentOS (and Debian 8, the current “oldstable” version) have not, and are therefore vulnerable and exploitable.”
Patch Released By Red Hat
Red Hat explains that the vulnerability affects Linux kernel versions shipped with RHEL 6, 7 and MRG 2. However, the kernel version shipped with RHEL 5 remains unaffected by the flaw. Moreover, this vulnerability also does not affect systems with 32-bit or less due to limited memory.
A patch for this problem already existed and backported by most distros. However, since the vulnerable distros didn’t update. Now, Red Hat has also given mitigations regarding the flaw, and has also released patches for RHEL 7 kernel. Whereas, patch for RHEL 6 is awaited.