Be aware! All versions of Red Hat Enterprise Linux and CentOS are vulnerable to the ‘Mutagen Astronomy’ flaw.
This integer overflow flaw, known as CVE-2018-14634, is present in a critical Linux kernel function for memory management. If it is exploited, hackers can gain full local access to a system.
The good news is that a patch for the flaw is already available, and as a result most Linux distributions have already been patched. But Red Hat Enterprise Linux, CentOS, and Debian 8 are not yet patched.
This big security flaw affects Red Hat Enterprise Linux 6, 7, and Red Hat Enterprise MRG 2. Any Linux kernel shipped with Red Hat Enterprise Linux 5 is not impacted, and systems with less than 32 GB of memory are also very unlikely to be impacted by the vulnerability.
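A triage check for the conditions above, as an added example that is not part of the original article or any Red Hat tooling: it classifies a host from its `/etc/redhat-release` string and the `MemTotal` value in `/proc/meminfo`. The labels, function names and the `THRESHOLD_KB` variable are assumptions of this example, and it does not detect whether a fixed kernel is already installed.

```shell
#!/bin/sh
# Added example: rank a host for CVE-2018-14634 patching using only the
# conditions stated in the article (RHEL/CentOS 6 or 7, 32 GB of memory).
# Output labels (assumed names):
#   not-listed  release is not one the article names as affected
#   unlikely    affected release, but reported memory is below the threshold
#   priority    affected release with memory at or above the threshold
#   unknown     memory value could not be parsed
# Red Hat Enterprise MRG 2 is not identified separately by this check.

# 32 GB in kB, the unit used by /proc/meminfo. MemTotal is somewhat lower
# than installed RAM, so lower this value to be conservative near 32 GB.
THRESHOLD_KB=${THRESHOLD_KB:-$((32 * 1024 * 1024))}

classify_host() {
    release=$1
    mem_kb=$2
    case $release in
        "Red Hat Enterprise Linux"*|CentOS*) ;;
        *) echo not-listed; return 0 ;;
    esac
    # Major version is the first number after the word "release".
    major=$(printf '%s\n' "$release" |
        sed -n 's/.*release \([0-9][0-9]*\).*/\1/p')
    case $major in
        6|7) ;;
        *) echo not-listed; return 0 ;;
    esac
    case $mem_kb in
        ''|*[!0-9]*) echo unknown; return 0 ;;
    esac
    if [ "$mem_kb" -lt "$THRESHOLD_KB" ]; then
        echo unlikely
    else
        echo priority
    fi
}

# Classify the machine this script runs on.
check_local() {
    [ -r /etc/redhat-release ] || { echo not-listed; return 0; }
    classify_host "$(cat /etc/redhat-release)" \
        "$(awk '/^MemTotal:/ {print $2}' /proc/meminfo)"
}

if [ "${1:-}" = "--local" ]; then check_local; fi
```

Hosts reported as `unlikely` still need the kernel update once it is available; the label only helps order the rollout.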
Remember, everything can be hacked. To stay protected from threats in the cyber world, we recommend installing antivirus for Windows or antivirus for Mac on every device that you own, depending on which OS your device is running. If you are a company, we also recommend hiring a specialized cybersecurity company every year to run annual tests on your company’s network. These tests include penetration testing and ethical hacking.
The vulnerability has a CVSS base score of 7.8, but Red Hat cataloged it as having a high impact on confidentiality, integrity, and availability because it can be exploited with no user interaction and low attack complexity.
Mutagen Astronomy is another reminder of the importance of layered defenses. Hackers often combine lower-severity flaws with more severe ones like the Mutagen Astronomy flaw to create a very functional attack.
That is why proper vulnerability and patch management is crucial, and should not be neglected.
In this particular case, most distributions backported the patch for the flaw, but Red Hat Enterprise Linux and CentOS did not. Keep in mind that all versions of these distributions are affected – even in their default and minimal installations.
We will continue to monitor this cybersecurity problem. Meanwhile, users should keep a keen eye out for any cyber attacks. Remember to use an antivirus for Windows or antivirus for Mac on every device that you own, depending on which OS your machine is running. If you are a company, we recommend hiring a specialized cybersecurity company every year to run annual tests on your company’s network; tests like this include penetration testing and ethical hacking.