A new exploit named Mutagen Astronomy, rated 7.8 in severity, affects the major Linux distributions Red Hat Enterprise Linux, Debian 8 and CentOS. Mutagen Astronomy exploits an integer overflow vulnerability in the Linux kernel and gives root access (admin privileges) to unauthorized users on the targeted server. It affects Linux kernel versions dating from July 2007 to July 2017. The flaw lives in the kernel, where the memory table can be manipulated to overflow through the create_elf_tables() function. After overwhelming the server, the attacker can take it over for malicious purposes.
As mentioned, this vulnerability is present in the Red Hat, Debian 8, and CentOS distributions, but it affects only 64-bit versions, as 32-bit versions do not have the address space to overwhelm the server. The exploit is also limited to Linux kernel versions 2.6.x, 3.10.x, and 4.14.x. (Read our article How To Check the Kernel Version to see which version you are running.) A proof of concept was reported on August 31, 2018, and although remediation from a one-year-old patch was backported to most LTS (long-term support) kernels, CentOS and Debian 8 remain vulnerable.
Red Hat has recently released a patch, and updating to kernel-3.10.0-862.14.4.el7.x86_64.rpm will keep you safe from Mutagen Astronomy. Unfortunately, the CentOS and Debian 8 distributions have not yet released a patch for the Mutagen Astronomy vulnerability, but stay tuned, as we will update this article once information is released.
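The affected-system criteria above (64-bit only, the listed kernel series, and the fixed Red Hat build) can be turned into a quick triage check. The script below is an added example, not part of the original article; the function names and verdict strings are illustrative, and it assumes GNU `sort -V` and an `/etc/os-release` file.

```shell
#!/bin/sh
# Added example: classify a host using only the criteria stated in the article.
# Assumes GNU sort (-V); function names and verdict strings are illustrative.
FIXED_RHEL7="3.10.0-862.14.4"   # from the fixed RPM name given in the article

# Succeeds when version $1 sorts at or after version $2.
version_ge() {
  [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$2" ]
}

# mutagen_check ARCH KERNEL_RELEASE DISTRO_ID -> prints one verdict word
mutagen_check() {
  mc_arch=$1; mc_release=$2; mc_distro=$3
  # The article limits the issue to 64-bit systems.
  case "$mc_arch" in
    *64*|s390x) ;;
    *) echo "not-affected-32bit"; return 0 ;;
  esac
  # Kernel series the article lists as affected.
  case "$mc_release" in
    2.6.*|3.10.*|4.14.*) ;;
    *) echo "series-not-listed"; return 0 ;;
  esac
  # The article names a fixed build for Red Hat (el7) only.
  case "$mc_distro:$mc_release" in
    rhel:*.el7*)
      if version_ge "${mc_release%%.el7*}" "$FIXED_RHEL7"; then
        echo "rhel-patched"
      else
        echo "rhel-needs-update"
      fi
      return 0 ;;
  esac
  echo "listed-series-check-vendor"
}

# Classify the machine this script runs on.
check_this_host() {
  host_id=$( [ -r /etc/os-release ] && . /etc/os-release; echo "${ID:-unknown}" )
  mutagen_check "$(uname -m)" "$(uname -r)" "$host_id"
}

check_this_host
```

A verdict of `listed-series-check-vendor` means the kernel falls in a listed series but the article names no fixed build for that distribution, so the vendor's advisory is the authority.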