[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247768

 
 

909

 
 

194555

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2018-14634Date: (C)2018-10-03   (M)2024-02-22


An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 7.8CVSS Score : 7.2
Exploit Score: 1.8Exploit Score: 3.9
Impact Score: 5.9Impact Score: 10.0
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: LOCALAccess Vector: LOCAL
Attack Complexity: LOWAccess Complexity: LOW
Privileges Required: LOWAuthentication: NONE
User Interaction: NONEConfidentiality: COMPLETE
Scope: UNCHANGEDIntegrity: COMPLETE
Confidentiality: HIGHAvailability: COMPLETE
Integrity: HIGH 
Availability: HIGH 
  
Reference:
BID-105407
EXPLOIT-DB-45516
RHSA-2018:2748
RHSA-2018:2763
RHSA-2018:2846
RHSA-2018:2924
RHSA-2018:2925
RHSA-2018:2933
RHSA-2018:3540
RHSA-2018:3586
RHSA-2018:3590
RHSA-2018:3591
RHSA-2018:3643
USN-3775-1
USN-3775-2
USN-3779-1
https://www.openwall.com/lists/oss-security/2018/09/25/4
http://www.openwall.com/lists/oss-security/2021/07/20/2
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14634
https://security.netapp.com/advisory/ntap-20190204-0002/
https://security.paloaltonetworks.com/CVE-2018-14634
https://support.f5.com/csp/article/K20934447?utm_source=f5support&%3Butm_medium=RSS

CWE    1
CWE-190
OVAL    16
oval:org.secpod.oval:def:1601009
oval:org.secpod.oval:def:204878
oval:org.secpod.oval:def:1700507
oval:org.secpod.oval:def:502362
...

© SecPod Technologies