CVSS3: 7.8 High
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS2: 7.2 High
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C

EPSS: 0.0004 Low
Percentile: 7.5%

Security researchers have published the details and proof-of-concept (PoC) exploits of an integer overflow vulnerability in the Linux kernel that could allow an unprivileged user to gain superuser access to the targeted system.
The vulnerability, discovered by cloud-based security and compliance solutions provider Qualys and dubbed "Mutagen Astronomy," affects kernel versions released between July 2007 and July 2017, impacting the Red Hat Enterprise Linux, CentOS, and Debian distributions.
The Mutagen Astronomy vulnerability, tracked as CVE-2018-14634, is a local privilege escalation issue (one of the most common issues with operating systems as a whole) and exists in the Linux kernel's create_elf_tables() function that operates the memory tables.
To successfully exploit this vulnerability, attackers need to have access to the targeted system and run their exploit that leads to a buffer overflow, thereby resulting in the execution of malicious code and achieving complete control of the affected system.
According to a security advisory published by Qualys on Tuesday, the security vulnerability can be exploited to escalate privileges to root via a SUID-root binary, but it only works on 64-bit systems.
> "This issue does not affect 32-bit systems as they do not have a large enough address space to exploit this flaw. Systems with less than 32GB of memory are unlikely to be affected by this issue due to memory demands during exploitation," an advisory released by Red Hat reads.
> "Only kernels with commit b6a2fea39318 ('mm: variable length argument support,' from July 19, 2007) but without commit da029c11e6b1 ('exec: Limit arg stack to at most 75% of _STK_LIM', from July 7, 2017) are exploitable," the Qualys advisory says.
Linux kernel versions 2.6.x, 3.10.x and 4.14.x are said to be vulnerable to the Mutagen Astronomy flaw.
While most Linux distributions have backported commit da029c11e6b1 to their long-term-supported kernels to address the issue, Red Hat Enterprise Linux, CentOS, and Debian 8 Jessie (the current "oldstable" version) did not implement the changes and were therefore left vulnerable to the attacks.
Qualys reported the vulnerability to Red Hat on August 31, 2018, and to Linux kernel developers on September 18, 2018.
Red Hat, which rated the flaw as "important" with a CVSS score of 7.8 (high severity), has patched the issue and begun releasing security updates that address it.
> "This issue affects the version of the kernel packages as shipped with Red Hat Enterprise Linux 6, 7 and Red Hat Enterprise MRG 2. Future kernel updates for Red Hat Enterprise Linux 6, 7 and Red Hat Enterprise MRG 2 will address this issue," Red Hat says.
However, the versions of Linux kernel as shipped with Red Hat Enterprise Linux 5 are not affected by the Mutagen Astronomy vulnerability.
Qualys researchers have also released both technical details and proof-of-concept (PoC) exploits (Exploit 1, Exploit 2) for the vulnerability to the public.