Attacker Value
Unknown
CVE-2018-14634
CVE-2018-14634
(Last updated October 06, 2023) ▾
MITRE ATT&CK
Log in to add MITRE ATT&CK tag
Add MITRE ATT&CK tactics and techniques that apply to this CVE.
Description
An integer overflow flaw was found in the Linux kernel’s create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
Data provided by the National Vulnerability Database (NVD)
Base Score:
7.8 High
Impact Score:
5.9
Exploitability Score:
1.8
Attack Vector (AV):
Local
Attack Complexity (AC):
Low
Privileges Required (PR):
Low
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
High
Availability (A):
High
General Information
Vendors
- canonical,
- linux,
- netapp,
- redhat
Products
- active iq performance analytics services -,
- enterprise linux desktop 6.0,
- enterprise linux desktop 7.0,
- enterprise linux server 6.0,
- enterprise linux server 7.0,
- enterprise linux server aus 6.5,
- enterprise linux server aus 6.6,
- enterprise linux server aus 7.6,
- enterprise linux server eus 6.7,
- enterprise linux server eus 7.5,
- enterprise linux server eus 7.6,
- enterprise linux server tus 6.6,
- enterprise linux server tus 7.6,
- enterprise linux workstation 6.0,
- enterprise linux workstation 7.0,
- linux kernel,
- ubuntu linux 12.04,
- ubuntu linux 14.04
References
Advisory
