CVE-2018-14634

Published: 25/09/2018 Updated: 20/07/2021
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 727
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to a SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.

Vulnerable Product

linux linux kernel

redhat enterprise linux server aus 6.6

redhat enterprise linux server aus 7.6

redhat enterprise linux workstation 7.0

redhat enterprise linux desktop 6.0

redhat enterprise linux server 6.0

redhat enterprise linux workstation 6.0

redhat enterprise linux server eus 7.5

redhat enterprise linux server eus 7.6

redhat enterprise linux server tus 6.6

redhat enterprise linux server aus 6.5

redhat enterprise linux desktop 7.0

redhat enterprise linux server 7.0

redhat enterprise linux server eus 6.7

redhat enterprise linux server tus 7.6

canonical ubuntu linux 12.04

canonical ubuntu linux 14.04

netapp active iq performance analytics services -

Vendor Advisories

Synopsis Important: kernel security update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 64 Advanced Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring S ...
Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (C ...
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) b ...
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 73 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabili ...
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) b ...
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 67 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabili ...
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 72 Advanced Update Support, Red Hat Enterprise Linux 72 Telco Extended Update Support, and Red Hat Enterprise Linux 72 Update Services ...
Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 74 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Comm ...
Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise MRG 2Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVS ...
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 65 Advanced Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabili ...
Several security issues were fixed in the Linux kernel ...
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 66 Advanced Update Support and Red Hat Enterprise Linux 66 Telco Extended Update SupportRed Hat Product Security has rated this update ...
NOTE: CVE-2018-14634 was already fixed in the 414 kernel released with the 201803 AMI release The advisory release date does not accurately reflect the date this was fixed The actual date of the fix being released is: 2018-04-23 An integer overflow flaw was found in the Linux kernel's create_elf_tables() function An unprivileged local user ...
An integer overflow flaw was found in the Linux kernel's create_elf_tables() function An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system ...
NOTE: CVE-2018-14634 was already fixed in the 414 kernel released with the Amazon Linux 2 LTS release The advisory release date does not accurately reflect the date this was fixed An integer overflow flaw was found in the Linux kernel's create_elf_tables() function An unprivileged local user with access to SUID (or otherwise privileged) binary ...
Palo Alto Networks is aware of an integer overflow vulnerability in the Linux kernel's create_elf_tables() function (Ref # PAN-105966, CVE-2018-14634) ...
IBM Security Guardium has addressed the following vulnerabilities ...
IBM QRadar Network Security is affected by Linux kernel vulnerabilities ...
Oracle Linux Bulletin - October 2018 Description The Oracle Linux Bulletin lists all CVEs that had been resolved and announced in Oracle Linux Security Advisories (ELSA) in the last one month prior to the release of the bulletin Oracle Linux Bulletins are published on the same day as Oracle Critical ...
Oracle VM Server for x86 Bulletin - October 2018 Description The Oracle VM Server for x86 Bulletin lists all CVEs that had been resolved and announced in Oracle VM Server for x86 Security Advisories (OVMSA) in the last one month prior to the release of the bulletin Oracle VM Server for x86 Bulletins are published on the same day ...
PowerKVM is affected by vulnerabilities in the Linux Kernel IBM has now addressed these vulnerabilities ...

Exploits

/* EDB-Note: Systems with less than 32GB of RAM are unlikely to be affected by this issue, due to memory demands during exploitation EDB Note: poc-exploitc */ /* * poc-exploitc for CVE-2018-14634 * Copyright (C) 2018 Qualys, Inc * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Gener ...

Mailing Lists

Qualys Security Advisory Mutagen Astronomy: Integer overflow in Linux's create_elf_tables() (CVE-2018-14634) Contents: Summary, Analysis, Exploitation, Acknowledgments, Timeline ...
Qualys Security Advisory System Down: A systemd-journald exploit Contents: Summary, CVE-2018-16864 - Analysis - Exploitation, CVE-2018-16865 - Analysis - Exploitation, CVE-2018-16866 - Analysis - Exploita ...
Qualys Security Advisory CVE-2021-33910: Denial of service (stack exhaustion) in systemd (PID 1) Contents: Summary, Analysis, Proof of concept, Acknowledgments, Timeline ...

Github Repositories

secmon-probes The security monitoring probes consist of active and passive checks The active checks are executed on the Nagios server The passive checks are executed on the Worker Nodes via a grid job that is submitted to each CREAM CE and ARC CE Active checks: check_pakiti_vuln argus-ban Passive checks: CRL FilePermVulns Pakiti Permissions RDSModuleCheck Torque check

Localroot Compile

Localroot Exploit This repository is a place where Localroot has been compiled and tested Linux Kernel Exploit with Compile #CVE  #Description  #Kernels Linux kernel XFRM Subsystem UAF [3x - 5x kernels] (Ubuntu 1404 / 1604 Server 44 LTS kernels, CentOS 8 418 kernels, Red Hat Enterprise Linux 4 418 kernels, Ubuntu 1804 Server LTS 415 kernels) CVE-2020-72

Linux Kernel Exploitation Pull requests are welcome Books 2014: "Android Hacker's Handbook" by Joshua J Drake 2012: "A Guide to Kernel Exploitation: Attacking the Core" by Enrico Perla and Massimiliano Oldani Workshops 2020: "Android Kernel Exploitation" by Ashfaq Ansari [workshop] Exploitation Techniques 2020: "Structures that can be u

linux-kernel-exploitation Books 2014: "Android Hacker's Handbook" by Joshua J Drake 2012: "A Guide to Kernel Exploitation: Attacking the Core" by Enrico Perla and Massimiliano Oldani Workshops 2020: "pwncollege: Module: Kernel Security" [workshop] 2020: "Android Kernel Exploitation" by Ashfaq Ansari [workshop] Exploitation Techniqu

PoC in GitHub 2020 CVE-2020-0014 It is possible for a malicious application to construct a TYPE_TOAST window manually and make that window clickable This could lead to a local escalation of privilege with no additional execution privileges needed User action is needed for exploitationProduct: AndroidVersions: Android-80 Android-81 Android-9 Android-10Android ID: A-1286745

PoC auto collect from GitHub.

PoC in GitHub 2020 CVE-2020-0022 In reassemble_and_dispatch of packet_fragmentercc, there is possible out of bounds write due to an incorrect bounds calculation This could lead to remote code execution over Bluetooth with no additional execution privileges needed User interaction is not needed for exploitationProduct: AndroidVersions: Android-80 Android-81 Android-9 Andr

Here is a collection about Proof of Concepts of Common Vulnerabilities and Exposures, and you may also want to check out current Contents CVE-2011-2856 CVE-2011-3243 CVE-2013-2618 CVE-2013-6632 CVE-2014-1701 CVE-2014-1705 CVE-2014-1747 CVE-2014-3176 CVE-2014-6332 CVE-2014-7927 CVE-2014-7928 CVE-2015-0072 CVE-2015-0235 CVE-2015-0240 CVE-2015-1233 CVE-2015-1242 CVE-2015-1268 CV

Awesome CVE PoC A curated list of CVE PoCs Here is a collection about Proof of Concepts of Common Vulnerabilities and Exposures, and you may also want to check out awesome-web-security Please read the contribution guidelines before contributing This repo is full of PoCs for CVEs If you enjoy this awesome list and would like to support it, check out my Patreon page :

Recent Articles

Facebook monetizes 2FA, Singapore monetizes hacker, and ransomware creeps monetize US Democrats
The Register • Shaun Nichols in San Francisco • 29 Sep 2018

BBFC gets a side job shilling shoes

Roundup One or two things happened this week on the security front, like the elimination of the White House cyber czar, the massive leak of code from Aeroflot, and the debut of UEFI rootkits.
A few other stories may have slipped your radar this week. Such as:
When they weren't losing tens of millions of user account log-ins this week, the folks over at the house of Zuck were taking heat for another privacy blunder, this time involving two-factor authentication.
It seems Facebo...

Linux kernel 'give me root, now' security hole sighted, dubbed 'Mutagen Astronomy'
The Register • John Leyden • 27 Sep 2018

Red Hat Enterprise and CentOS users at risk

A Linux kernel vulnerability that can only be exploited locally is nonetheless proving a bit of a nuisance.
It's a classic local privilege escalation bug, dubbed CVE-2018-14634, and lets an intruder or logged-in rogue user obtain root-level control over the machine.
Eggheads at cloud security biz Qualys discovered the programming blunder, which stems from an integer overflow in the open-source kernel's create_elf_tables() function. It's not remotely exploitable, thank $deity, but on ...