VDB

CISA-2018-14634

CISA-2018-14634 PUBLISHED CVSS 7.8 HIGH

Reported by redhat · Published September 25, 2018

An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.

Risk Scores

CVSS 3.0
7.8
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
The Linux Foundationkernel2.6.x, 3.10.x, 4.14.x
The Linux Foundationkernel2.6.x, 3.10.x, 4.14.x, *

Timeline

  • Sep 25, 2018 CVE Published
  • Jan 27, 2026 CVE Updated
  • Mar 26, 2026 Distribution Patch
  • Mar 26, 2026 Distribution Patch
  • Mar 26, 2026 Distribution Patch
  • Mar 26, 2026 Distribution Patch
  • Mar 26, 2026 Distribution Patch
  • Mar 26, 2026 Distribution Patch
  • Mar 26, 2026 Distribution Patch
  • Mar 26, 2026 Distribution Patch
  • Mar 26, 2026 Distribution Patch
  • Mar 26, 2026 Distribution Patch

References

…and 3 more

Open in Interactive Console →
$ Console Community · 100/wk Open console ›