CVE-2018-14634

7.8 HIGH CISA KEV - Actively Exploited
Published: September 25, 2018 Modified: January 27, 2026
View on NVD

Description

An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0
Vector String
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/07/20/2
Source: secalert@redhat.com
Mailing List Third Party Advisory
http://www.securityfocus.com/bid/105407
Source: secalert@redhat.com
Third Party Advisory VDB Entry Broken Link
https://access.redhat.com/errata/RHSA-2018:2748
Source: secalert@redhat.com
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2763
Source: secalert@redhat.com
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2846
Source: secalert@redhat.com
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2924
Source: secalert@redhat.com
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2925
Source: secalert@redhat.com
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2933
Source: secalert@redhat.com
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3540
Source: secalert@redhat.com
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3586
Source: secalert@redhat.com
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3590
Source: secalert@redhat.com
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3591
Source: secalert@redhat.com
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3643
Source: secalert@redhat.com
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14634
Source: secalert@redhat.com
Issue Tracking Third Party Advisory
https://security.netapp.com/advisory/ntap-20190204-0002/
Source: secalert@redhat.com
Patch Third Party Advisory
https://security.paloaltonetworks.com/CVE-2018-14634
Source: secalert@redhat.com
Third Party Advisory
https://support.f5.com/csp/article/K20934447?utm_source=f5support&amp%3Butm_medium=RSS
Source: secalert@redhat.com
Third Party Advisory
https://usn.ubuntu.com/3775-1/
Source: secalert@redhat.com
Third Party Advisory
https://usn.ubuntu.com/3775-2/
Source: secalert@redhat.com
Third Party Advisory
https://usn.ubuntu.com/3779-1/
Source: secalert@redhat.com
Third Party Advisory
https://www.exploit-db.com/exploits/45516/
Source: secalert@redhat.com
Exploit Third Party Advisory VDB Entry
https://www.openwall.com/lists/oss-security/2018/09/25/4
Source: secalert@redhat.com
Exploit Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/07/20/2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://www.securityfocus.com/bid/105407
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry Broken Link
https://access.redhat.com/errata/RHSA-2018:2748
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2763
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2846
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2924
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2925
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2933
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3540
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3586
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3590
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3591
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3643
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14634
Source: af854a3a-2127-422b-91ae-364da2661108
Issue Tracking Third Party Advisory
https://security.netapp.com/advisory/ntap-20190204-0002/
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Third Party Advisory
https://security.paloaltonetworks.com/CVE-2018-14634
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://support.f5.com/csp/article/K20934447?utm_source=f5support&amp%3Butm_medium=RSS
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://usn.ubuntu.com/3775-1/
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://usn.ubuntu.com/3775-2/
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://usn.ubuntu.com/3779-1/
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://www.exploit-db.com/exploits/45516/
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Third Party Advisory VDB Entry
https://www.openwall.com/lists/oss-security/2018/09/25/4
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Mailing List Third Party Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-14634
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
US Government Resource

45 reference(s) from NVD

Quick Stats

CVSS v3 Score
7.8 / 10.0
EPSS (Exploit Probability)
24.7%
96th percentile
Exploitation Status
Actively Exploited
Remediation due: 2026-02-16

Weaknesses (CWE)

CWE-190 CWE-190

Affected Vendors

netapp redhat canonical paloaltonetworks f5 linux

Related CVEs

CVE-2026-4478 8.1
CVE-2026-4477 3.1
CVE-2026-4476 6.3
CVE-2026-4475 8.8
CVE-2026-4474 2.4