CVE-2018-14634
An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise...
Basic Information
- CVE State
- PUBLISHED
- Reserved Date
- July 27, 2018
- Published Date
- September 25, 2018
- Last Updated
- January 27, 2026
- Vendor
- The Linux Foundation
- Product
- kernel
- Description
- An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.
- Tags
- Exploitation
- active
- Technical Impact
- total
- Exploited in the Wild
- Yes (2026-06-01 10:49:47 UTC) Source
cisa
CVSS Scores
CVSS v3.0
7.8 - HIGH
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
SSVC Information
Exploit Status
References
https://access.redhat.com/errata/RHSA-2018:3540
https://security.netapp.com/advisory/ntap-20190204-0002/
https://access.redhat.com/errata/RHSA-2018:2925
https://access.redhat.com/errata/RHSA-2018:3591
https://www.exploit-db.com/exploits/45516/
https://usn.ubuntu.com/3775-1/
https://access.redhat.com/errata/RHSA-2018:2933
https://usn.ubuntu.com/3779-1/
https://access.redhat.com/errata/RHSA-2018:2748
https://access.redhat.com/errata/RHSA-2018:3590
https://usn.ubuntu.com/3775-2/
https://access.redhat.com/errata/RHSA-2018:2763
http://www.securityfocus.com/bid/105407
https://access.redhat.com/errata/RHSA-2018:2924
https://access.redhat.com/errata/RHSA-2018:3586
https://access.redhat.com/errata/RHSA-2018:3643
https://access.redhat.com/errata/RHSA-2018:2846
https://www.openwall.com/lists/oss-security/2018/09/25/4
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14634
https://support.f5.com/csp/article/K20934447?utm_source=f5support&%3Butm_medium=RSS
https://security.paloaltonetworks.com/CVE-2018-14634
http://www.openwall.com/lists/oss-security/2021/07/20/2
Known Exploited Vulnerability Information
| Source | Added Date |
|---|---|
| CVE | 2026-06-01 10:49:47 UTC |
Timeline
-
CVE ID Reserved
-
CVE Published to Public
-
Added to KEVIntel