Mutagen Astronomy Linux kernel bug impacts Red Hat, CentOS distributions

Security researchers at Qualys have discovered a new vulnerability in the Linux kernel that affects Red Hat Enterprise Linux (RHEL) and CentOS Linux distributions. 

The local privilege escalation (LPE) vulnerability, tracked as CVE-2018-14634, has been dubbed Mutagen Astronomy.

Qualys summarized the threat in an advisory published on Tuesday:

“We discovered an integer overflow in the Linux kernel's create_elf_tables() function: on a 64-bit system, a local attacker can exploit this vulnerability via a SUID-root binary and obtain full root privileges.”

Qualys also published proof-of-concept (PoC) exploit code together with a technical analysis of the bug.
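To make the accounting gap behind the quoted description concrete, here is a constructed C model, added to this article and not code from Qualys, Red Hat or the kernel, of the argv/envp size check that execve() performs before create_elf_tables() lays out the new process's stack. It follows the shape of the upstream fix "fs/exec.c: account for argv/envp pointers" (July 2017), which added the pointer bytes to that check; the page sizes, limits and function names below are simplified assumptions, and the argument counts are a constructed scenario rather than the exploit's actual parameters.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/*
 * Constructed model of the argv/envp size accounting in fs/exec.c.
 * The kernel caps the argument and environment strings at a quarter of
 * RLIMIT_STACK (after a historical 32-page ARG_MAX allowance). Before the
 * upstream fix, that check counted only the string bytes, not the 8-byte
 * pointer that create_elf_tables() later writes on the stack for each
 * string, so an input made of very short strings could consume far more
 * stack than the check had approved. Constants here are assumptions.
 */
#define MODEL_PAGE_SIZE 4096UL
#define MODEL_ARG_MAX   (32UL * MODEL_PAGE_SIZE)  /* 32-page allowance */

/* Pre-fix behaviour: only the string bytes are compared against rlimit/4. */
int old_arg_check(unsigned long str_bytes, unsigned long stack_rlimit)
{
    if (str_bytes <= MODEL_ARG_MAX)
        return 1;
    return str_bytes <= stack_rlimit / 4;
}

/* Post-fix behaviour: add one pointer per argv/envp entry, guarding the sum
 * against wrapping (the fix carries an equivalent overflow guard). */
int new_arg_check(unsigned long str_bytes, unsigned long argc,
                  unsigned long envc, unsigned long stack_rlimit)
{
    unsigned long ptr_size, size;

    if (argc + envc > ULONG_MAX / sizeof(void *))
        return 0;
    ptr_size = (argc + envc) * sizeof(void *);
    if (ptr_size > ULONG_MAX - str_bytes)
        return 0;
    size = str_bytes + ptr_size;
    if (size <= MODEL_ARG_MAX)
        return 1;
    return size <= stack_rlimit / 4;
}

/* Bytes the new stack really needs: the strings plus the pointer arrays. */
unsigned long stack_demand(unsigned long str_bytes, unsigned long argc,
                           unsigned long envc)
{
    return str_bytes + (argc + envc) * sizeof(void *);
}

int main(void)
{
    /* Constructed scenario: the attacker raises the soft RLIMIT_STACK to
     * 2 GiB (the hard limit is commonly unlimited) and passes 2^27
     * one-character arguments, each "a\0" = 2 bytes of string data. */
    unsigned long rlimit = 2UL << 30;
    unsigned long argc = 1UL << 27, envc = 0;
    unsigned long str_bytes = argc * 2;

    printf("strings: %lu MiB, pointers: %lu MiB, budget (rlimit/4): %lu MiB\n",
           str_bytes >> 20, (argc * sizeof(void *)) >> 20, (rlimit / 4) >> 20);
    printf("old check accepts: %d\n", old_arg_check(str_bytes, rlimit));
    printf("new check accepts: %d\n",
           new_arg_check(str_bytes, argc, envc, rlimit));
    printf("real stack demand: %lu MiB\n",
           stack_demand(str_bytes, argc, envc) >> 20);
    return 0;
}
```

With two-byte strings and eight-byte pointers, the pointer arrays are four times the size of the data the old check measured: 256 MiB of strings passes a 512 MiB budget while the real demand is 1.25 GiB. The corrected check rejects the same input, and a normal command line with a handful of arguments passes both versions unchanged.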

Red Hat issued a security advisory stating that the issue affects Red Hat Enterprise Linux 6 and 7 and Red Hat Enterprise MRG 2. Red Hat Enterprise Linux 5 and 32-bit systems are not affected, and systems with less than 32GB of memory are unlikely to be exploitable because of the amount of memory the exploit needs.

Red Hat published mitigation guidance and a kernel security and bug fix update for Red Hat Enterprise Linux 7 (RHSA-2018:2748).

The vulnerability carries a preliminary CVSS base score of 7.8 (high severity).
