CVE-2018-14634

Summary

An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.

Affected Software

VendorProductVersion RangeStatus
The Linux Foundationkernel2.6.x, 3.10.x, 4.14.xaffected

Weaknesses

  • CWE-190: CWE-190

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: active
    • Automatable: no
    • Technical Impact: total

Additional References

References