Security researchers at Qualys have discovered a new vulnerability in the Linux kernel that affects Red Hat Enterprise Linux (RHEL) and CentOS Linux distributions.
The local privilege escalation (LPE) vulnerability, CVE-2018-14634, has been dubbed Mutagen Astronomy.
Qualys summarized the threat in a recent advisory published on Tuesday:
“We discovered an integer overflow in the Linux kernel’s create_elf_tables() function: on a 64-bit system, a local attacker can exploit this vulnerability via a SUID-root binary and obtain full root privileges.”
Proof-of-concept (PoC) code and an analysis of the exploit were also published by Qualys.
Red Hat issued a security advisory stating that the issue affects Red Hat Enterprise Linux 6 and 7 and Red Hat Enterprise MRG 2. The bug does not affect the older Red Hat Enterprise Linux 5 or 32-bit systems, and is unlikely to affect systems with less than 32GB of memory.
Red Hat provided mitigation steps and a kernel security and bug fix update for Red Hat Enterprise Linux 7 (RHSA-2018:2748).
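A small triage helper a defender could run to decide whether a RHEL or CentOS host matches the conditions described above; it is an added example, not code from Qualys or Red Hat. The 64-bit and 32GB criteria come from the advisory summary, while the changelog check assumes (as is Red Hat's practice) that the patched kernel RPM's changelog names the CVE.

```shell
#!/bin/sh
# Constructed triage helper for CVE-2018-14634 applicability.
# Inputs are passed as arguments so the logic can be exercised offline;
# on a live host feed it `uname -m`, the contents of /proc/meminfo and
# the output of `rpm -q --changelog kernel`.

# Returns 0 for a 64-bit architecture (the advisory says 32-bit systems
# are not affected). Heuristic: names containing "64" plus s390x.
arch_is_64bit() {
  case "$1" in
    *64*|s390x) return 0 ;;
    *) return 1 ;;
  esac
}

# Returns 0 when MemTotal in the supplied meminfo text is >= 32 GB
# (32 * 1024 * 1024 kB = 33554432 kB); smaller systems are unlikely targets.
mem_at_least_32g() {
  kb=$(printf '%s\n' "$1" | awk '/^MemTotal:/ { print $2; exit }')
  [ -n "$kb" ] && [ "$kb" -ge 33554432 ]
}

# Returns 0 when the kernel changelog text mentions the CVE, i.e. the
# fixed kernel (RHSA-2018:2748 for RHEL 7) is installed.
changelog_has_fix() {
  printf '%s\n' "$1" | grep -q 'CVE-2018-14634'
}

# Prints one of: not-affected, patched, exposed, unlikely-exposed.
assess() {
  arch="$1"; meminfo="$2"; changelog="$3"
  if ! arch_is_64bit "$arch"; then echo not-affected; return 0; fi
  if changelog_has_fix "$changelog"; then echo patched; return 0; fi
  if mem_at_least_32g "$meminfo"; then echo exposed; else echo unlikely-exposed; fi
}

# Live usage (uncomment on a RHEL/CentOS host):
# assess "$(uname -m)" "$(cat /proc/meminfo)" "$(rpm -q --changelog kernel)"
```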
The vulnerability has been assigned a preliminary CVSS base score of 7.8 (high severity).