back to article Linux kernel 'give me root, now' security hole sighted, dubbed 'Mutagen Astronomy'

A Linux kernel vulnerability that can only be exploited locally is nonetheless proving a bit of a nuisance. It's a classic local privilege escalation bug, dubbed CVE-2018-14634, and lets an intruder or logged-in rogue user obtain root-level control over the machine. Eggheads at cloud security biz Qualys discovered the …

  1. Herby
    Linux

    So...

    What version of the kernel has it "fixed"?

  2. This post has been deleted by its author

  3. Dwarf
    WTF?

    Thanks for clarifying.

    The CVE-2018-14634 vulnerability relates to a local privilege escalation bug in the Linux kernel, and creates a means to obtain root (administrator) privileges on a hacked system.

    Good job you explained that root is a privileged user, I expect most on this tech site won’t know that.

    Please can you get some journalists who understand their reader base.

    1. m0rt

      Re: Thanks for clarifying.

      Wow. Hug?

    2. sabroni Silver badge
      Facepalm

      Re: Thanks for clarifying.

      Yeah! No explaining stuff that I already know!!!!

      However, you better not just assume that I know stuff that I don't!

      How tricky than can be? Just collate a big list of everything that all the regular readers know and go through that list before publishing any article!

      1. m0rt

        Re: Thanks for clarifying.

        "How tricky than can be? Just collate a big list of everything that all the regular readers know and go through that list before publishing any article!"

        What a great idea. Or just insert inline helpful remarks directed towards specific reader bases:

        "relates to a local privilege escalation bug in the Linux kernel, and creates a means to obtain root ([newbies]administrator, [Autralian geeks]snigger) privileges on a hacked system."

    3. find users who cut cat tail

      Re: Thanks for clarifying.

      We clearly need more of that, not less.

      I am always confused by mentions of servers in articles not about restaurants, wonder why would people keep data in aerosol formations kilometres high in the sky and never understood how rodents are supposed to connect to computers. And who is General Failure and why is he reading my disk?

      1. m0rt

        Re: Thanks for clarifying.

        " And who is General Failure and why is he reading my disk?"

        I think that is the fault of General Protection.

        1. Joe Montana

          Re: Thanks for clarifying.

          "I think that is the fault of General Protection."

          It's not his fault, he passed orders down the chain to Colonel Panic.

          1. Ken Shabby
            Coat

            Re: Thanks for clarifying.

            Nah, it was Private Data

      2. Doctor Syntax Silver badge

        Re: Thanks for clarifying.

        " And who is General Failure and why is he reading my disk?"

        I'm not sure but I think Major Error is one of his direct reports. Or is the Kernel Panic.

        (Yes I do know but the sub-eds don't have a monopoly of bad puns round here.)

        1. Jamie Jones Silver badge

          Re: Thanks for clarifying.

          at least he's not trying to fsck your disk...

        2. Waseem Alkurdi
          Joke

          Re: Thanks for clarifying.

          Kernel Panic

          No, Kernel Panic is when popcorn kernels pop.

    4. Anonymous Coward
      Anonymous Coward

      Re: Thanks for clarifying.

      "Good job you explained that root is a privileged user, I expect most on this tech site won’t know that."

      Don't forget that Australians, editors and managers read this site too...

      Sometimes small words, talking slowly and repetition isn't enough to guarantee understanding.

      1. Kabukiwookie

        Re: Thanks for clarifying.

        Sometimes small words, talking slowly and repetition isn't enough to guarantee understanding.

        That's because you forgot to add 'louder' to that list...

    5. TonyJ
      Joke

      Re: Thanks for clarifying.

      @Dwarf

      "...Good job you explained that root is a privileged user, I expect most on this tech site won’t know that.

      Please can you get some journalists who understand their reader base..."

      Holy shit...small man syndrome?? You sure you're tall enough to play here?

      1. Waseem Alkurdi

        Re: Thanks for clarifying.

        I agree with @Dwarf.

        Tell that to astrophysics websites who couldn't bother explaining their physics to laymen.

        @TonyJ

        What, because his handle is @Dwarf? Gimme a break here.

    6. Doctor Syntax Silver badge

      Re: Thanks for clarifying.

      "I expect most on this tech site won’t know that."

      Maybe it needs explaining for the Microsoft marketing shills who keep coming along to downvote anything mildly critical of their masters.

    7. HorseflySteve

      Re: Thanks for clarifying.

      "You may know what I don't know, but not that I don't know it, and I can't tell you what it is that I don't know, so you must tell me everything" - Knots by R D Laing, also used in a song of the same name by Gentle Giant

  4. TrevorH

    Fixed in kernel-3.10.0-862.14.4.el7

    1. chasil

      I wonder which versions of Oracle's UEK were vulnerable.

      The 862.14.4 kernel just came down yesterday.

  5. amanfromMars 1 Silver badge

    A Difficult Current Iteration only a Worthy Few Know About and Need to Know ?

    Security researchers at Qualys explain: "Even though all Linux kernels are technically vulnerable, this issue is mitigated by a one-year-old patch that was backported to most long-term kernels and makes exploitation impossible."

    Impossible? Oh please. To be so sure it is not another "I did not have sexual relations with that woman" meme to regret having floated to media, is bound to be continually tested for proof of concept and integrity of security.

    The very best that anyone can hope for and expect nowadays is surely that Unauthorised Root Administrative Access Exploitation of SCADA Systems is improbable because it is not just so simple.

    1. Waseem Alkurdi
      Thumb Up

      Re: A Difficult Current Iteration only a Worthy Few Know About and Need to Know ?

      I see that your grammar has finally improved.

      1. Brewster's Angle Grinder Silver badge

        Re: A Difficult Current Iteration only a Worthy Few Know About and Need to Know ?

        It's grammar is your grammar.

        1. Anonymous Coward
          Anonymous Coward

          Re: A Difficult Current Iteration only a Worthy Few Know About and Need to Know ?

          Oh. Its Grammar. Would you mind ur own T9 :-)

      2. amanfromMars 1 Silver badge

        Re:Program programowania chcą zadzierać z głowy i spowodować międzynarodowych zdarzeń

        Improved Enough to be Able to Enabled Followers Realising Simplified Words Leading to Heavenly AId Destinations, Wadseem Alkurdi, ... for NEUKlearer HyperRadioProACTivated Live Operational Virtual Environments?

        A COSMIC Space for Universal ProgramMING ...... https://amanfrommars.blogspot.com/search?q=ProgramMING

        And Patently Registering Here Now.

        1. Waseem Alkurdi
          WTF?

          Re: Re:Program programowania chcą zadzierać z głowy i spowodować międzynarodowych zdarzeń

          Hey! You've misspelled my name!

          1. amanfromMars 1 Silver badge
            Facepalm

            Re: Re:Program programowania chcą zadzierać z głowy i spowodować międzynarodowych zdarzeń

            Hey! You've misspelled my name! .... Waseem Alkurdi

            00Ops! Apologies for that, Waseem Alkurdi.

  6. W60

    seemed to miss calling out what I see is a relatively important point -- the server needs to have 32GB or more memory:

    Our exploit requires "only" 2 * 16GB = 32GB of memory, instead of 3 * 16GB = 48GB or more, because we use a few tricks to reduce its memory footprint

  7. Doctor Syntax Silver badge

    "local attacker can exploit this vulnerability via a SUID-root binary and obtain full root privileges,"

    I find this a little odd unless the exploit can only be run from the console. I suspect they mean it needs command line access but that can be achieved via ssh.

    OTOH kudos for the anagram name.

    1. DCFusor

      Yeah, I haven't noticed anything I can do from a physical console I can't do via SSH or even VNC - same permissions all around once logged in either way as far as I can tell.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like