Home > Vulnerability Database > CVE-2018-14634

Mend.io Vulnerability Database

CVE-2018-14634

Good to know:

Date: September 25, 2018

An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.

Language: C

Severity Score

7.8

Related Resources (26)

Url: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14634

Url: https://access.redhat.com/errata/RHSA-2018:2933

Url: https://usn.ubuntu.com/3775-2/

Url: https://access.redhat.com/security/cve/CVE-2018-14634

Url: https://security.netapp.com/advisory/ntap-20190204-0002/

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2018-14634

Url: https://nvd.nist.gov/vuln/detail/CVE-2018-14634

Url: https://access.redhat.com/errata/RHSA-2018:3591

Url: https://access.redhat.com/errata/RHSA-2018:3590

Url: https://usn.ubuntu.com/3779-1/

Url: https://access.redhat.com/errata/RHSA-2018:2763

Url: http://www.securityfocus.com/bid/105407

Url: https://www.exploit-db.com/exploits/45516/

Url: https://access.redhat.com/errata/RHSA-2018:2748

Url: https://access.redhat.com/errata/RHSA-2018:2924

Url: https://access.redhat.com/errata/RHSA-2018:2925

Url: https://access.redhat.com/errata/RHSA-2018:2846

Url: https://support.f5.com/csp/article/K20934447?utm_source=f5support&%3Butm_medium=RSS

Url: https://usn.ubuntu.com/3775-1/

Url: http://www.openwall.com/lists/oss-security/2021/07/20/2

Url: https://security.paloaltonetworks.com/CVE-2018-14634

Url: https://www.openwall.com/lists/oss-security/2018/09/25/4

Url: https://access.redhat.com/errata/RHSA-2018:3643

Url: https://access.redhat.com/errata/RHSA-2018:3586

Url: https://access.redhat.com/errata/RHSA-2018:3540

Url: https://www.mend.io/vulnerability-database/CVE-2018-14634

Severity Score

7.8

Weakness Type (CWE)

Integer Overflow or Wraparound

CWE-190

Top Fix

Upgrade Version

Upgrade to version v4.13-rc1

Learn More

CVSS v3.1

Base Score:	7.8
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	7.2
Access Vector (AV):	LOCAL
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	COMPLETE
Integrity (I):	COMPLETE
Availability (A):	COMPLETE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2018-14634

Good to know:

Date: September 25, 2018

Language: C

Severity Score

Related Resources (26)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

CVSS v2

Do you need more information?