
Security researchers have discovered an integer overflow vulnerability in the Linux kernel that attackers can exploit to obtain full root privileges.

Researchers from security firm Qualys discovered the vulnerability, dubbed “Mutagen Astronomy” (CVE-2018-14634).

The vulnerability affects kernel versions released between July 19, 2007, and July 7, 2017, and impacts certain versions of the Red Hat Enterprise Linux, CentOS, and Debian distributions.

“An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable,” Red Hat said in its published advisory.

The vulnerability was rated with a CVSS score of 7.8 and an impact rating of ‘high’. To exploit it successfully and gain full access, the attacker first needs access to the victim's system. Successful exploitation leads to a buffer overflow and the execution of malicious code.

According to Red Hat, the issue does not affect 32-bit systems, as they don't have enough space to exploit this flaw, and systems with less than 32 GB of memory are also less likely to be affected by the vulnerability. Red Hat also said that the Linux kernel shipped with Red Hat Enterprise Linux 5 is not affected by the issue.

“This issue affects the version of the kernel packages as shipped with Red Hat Enterprise Linux 6, 7 and Red Hat Enterprise MRG 2. Future kernel updates for Red Hat Enterprise Linux 6, 7 and Red Hat Enterprise MRG 2 will address this issue.”

Researchers have published technical details and proof-of-concept (PoC) exploits regarding this issue, which can be seen here.