While everyone’s out star-gazing, KernelCare shoots ‘Mutagen Astronomy’ back down to earth
It is Fall in the Northern Hemisphere, and everyone’s out gazing into the clear dark skies when they should be indoors looking after their servers. Why?
Because yet another 10-year-old flaw has been found in the Linux kernel, this time in the create_elf_tables() function, which, when subjected to an integer overflow condition, can allow code to run with root-level privileges.
This vulnerability, also known as CVE-2018-14634 and present in Red Hat Enterprise Linux and CentOS, was automatically patched on systems running KernelCare, the kernel security software that patches kernels without reboots.
Avoid Too Many Arguments by reading about the patch here.