A new serious problem has been discovered to affect the Linux operating system, the bug is known as the Linux Mutagen Astronomy vulnerability and assigned the CVE-2018-14634 advisory. The security team that reported it has posted a proof-of-concept code that shows that major distributions are impacted.
The Linux Mutagen Astronomy Vulnerability Is Tracked in CVE-2018-14634
A new dangerous bug has been found in the Linux operating system, the security team that reported the problem has posted a proof-of-concept code that shows that major distributions are affected. At the moment it is confirmed that CentOS and the Red Hat Enterprise Linux (RHEL) systems are affected. The team behind the discovery states that this is a type of a local privilege escalation issue which is one of the most common issues with operating systems as a whole.
To exploit it successfully the attackers will need to have access to the systems, the dangerous code has shown that the bug allows them to gain root access thereby achieving total control of the affected devices. This is possible due to an issue in the function of the Linux kernel that operates the memory tables. The dangerous code will lead to a buffer overflow which will result in the execution of malicious code. The vulnerability was found in commits between July 19 2007 and July 7 2017.
According to the team technically all Linux kernels are vulnerable to this instance however in most cases the issue is mitigated by a patch that has been backported to most long-term kernels. Still two distributions have been found to be still affected by it — CentOS and Red Hat Enterprise Linux. They have confirmed this in a statement and are working on a patch to address the vulnerability. It is (Read more…)
*** This is a Security Bloggers Network syndicated blog from How to, Technology and PC Security Forum | SensorsTechForum.com authored by Martin Beltov. Read the original post at: https://sensorstechforum.com/cve-2018-14634-linux-mutagen-astronomy-vulnerability-affects-rhel-cent-os-distros/