An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
21 Nov 2024, 03:49
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.openwall.com/lists/oss-security/2021/07/20/2 - | |
References | () http://www.securityfocus.com/bid/105407 - Third Party Advisory, VDB Entry | |
References | () https://access.redhat.com/errata/RHSA-2018:2748 - Third Party Advisory | |
References | () https://access.redhat.com/errata/RHSA-2018:2763 - Third Party Advisory | |
References | () https://access.redhat.com/errata/RHSA-2018:2846 - Third Party Advisory | |
References | () https://access.redhat.com/errata/RHSA-2018:2924 - Third Party Advisory | |
References | () https://access.redhat.com/errata/RHSA-2018:2925 - Third Party Advisory | |
References | () https://access.redhat.com/errata/RHSA-2018:2933 - Third Party Advisory | |
References | () https://access.redhat.com/errata/RHSA-2018:3540 - Third Party Advisory | |
References | () https://access.redhat.com/errata/RHSA-2018:3586 - Third Party Advisory | |
References | () https://access.redhat.com/errata/RHSA-2018:3590 - Third Party Advisory | |
References | () https://access.redhat.com/errata/RHSA-2018:3591 - Third Party Advisory | |
References | () https://access.redhat.com/errata/RHSA-2018:3643 - Third Party Advisory | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14634 - Issue Tracking, Third Party Advisory | |
References | () https://security.netapp.com/advisory/ntap-20190204-0002/ - Patch, Third Party Advisory | |
References | () https://security.paloaltonetworks.com/CVE-2018-14634 - | |
References | () https://support.f5.com/csp/article/K20934447?utm_source=f5support&%3Butm_medium=RSS - | |
References | () https://usn.ubuntu.com/3775-1/ - Third Party Advisory | |
References | () https://usn.ubuntu.com/3775-2/ - Third Party Advisory | |
References | () https://usn.ubuntu.com/3779-1/ - Third Party Advisory | |
References | () https://www.exploit-db.com/exploits/45516/ - Exploit, Third Party Advisory, VDB Entry | |
References | () https://www.openwall.com/lists/oss-security/2018/09/25/4 - Exploit, Mailing List, Third Party Advisory |
Information
Published : 2018-09-25 21:29
Updated : 2024-11-21 03:49
NVD link : CVE-2018-14634
Mitre link : CVE-2018-14634
CVE.ORG link : CVE-2018-14634
JSON object : View
Products Affected
redhat
- enterprise_linux_workstation
- enterprise_linux_server_tus
- enterprise_linux_server
- enterprise_linux_server_eus
- enterprise_linux_desktop
- enterprise_linux_server_aus
linux
- linux_kernel
netapp
- active_iq_performance_analytics_services
canonical
- ubuntu_linux
CWE
CWE-190
Integer Overflow or Wraparound