The security team at Qualys Research Labs has released new detailed information and proof of concept (PoC) code for the Linux kernel vulnerability called “Mutagen Astronomy,” tracking number CVE-2018-14634, currently affecting only CentOS and Red Hat Enterprise Linux (RHEL).
According to Qualys researchers, the actual bug exists in the Linux kernel’s create_elf_tables() function, which can cause a buffer overflow and execute malicious code with root privileges.
The vulnerability appeared in the Linux kernel between July 19, 2007 (kernel commit: b6a2fea39318) and July 7, 2017 (kernel commit: da029c11e6b1).
The researchers said: “Even though all Linux kernels are technically vulnerable, this issue is mitigated by a one-year-old patch that was backported to most long-term kernels and makes exploitation impossible. However, Red Hat Enterprise Linux and CentOS have not backported this patch, and are therefore vulnerable and exploitable.”
In a statement released today, the Red Hat team confirmed this issue: This vulnerability affects the kernel packages included with Red Hat Enterprise Linux 6, 7, and Red Hat Enterprise MRG 2 and will be updated as soon as possible to resolve this issue. You can mitigate the problem with security recommendations.”