CVE-2018-14634 — HIGH (7.8)

Q: How severe is CVE-2018-14634?

CVE-2018-14634 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2018-14634?

Check the references section above for vendor advisories and patch information. Affected products include: Paloaltonetworks Pan-Os, F5 Big-Ip Access Policy Manager, F5 Big-Ip Advanced Firewall Manager, F5 Big-Ip Analytics, F5 Big-Ip Application Acceleration Manager.

Vulnerability Description

An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.

CVSS Score

7.8

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Paloaltonetworks	Pan-Os	>= 7.1.0, < 7.1.23
F5	Big-Ip Access Policy Manager	>= 11.2.1, < 11.6.4
F5	Big-Ip Advanced Firewall Manager	>= 11.2.1, < 11.6.4
F5	Big-Ip Analytics	>= 11.2.1, < 11.6.4
F5	Big-Ip Application Acceleration Manager	>= 11.2.1, < 11.6.4
F5	Big-Ip Application Security Manager	>= 11.2.1, < 11.6.4
F5	Big-Ip Domain Name System	>= 11.2.1, < 11.6.4
F5	Big-Ip Edge Gateway	>= 11.2.1, < 11.6.4
F5	Big-Ip Fraud Protection Service	>= 11.2.1, < 11.6.4
F5	Big-Ip Global Traffic Manager	>= 11.2.1, < 11.6.4
F5	Big-Ip Link Controller	>= 11.2.1, < 11.6.4
F5	Big-Ip Local Traffic Manager	>= 11.2.1, < 11.6.4
F5	Big-Ip Policy Enforcement Manager	>= 11.2.1, < 11.6.4
F5	Big-Ip Webaccelerator	>= 11.2.1, < 11.6.4
F5	Big-Iq Centralized Management	>= 5.0.0, <= 5.4.0
F5	Big-Iq Cloud And Orchestration	1.0.0
F5	Enterprise Manager	3.1.1
F5	Iworkflow	>= 2.2.0, <= 2.3.0
F5	Traffix Signaling Delivery Controller	>= 5.0.0, <= 5.1.0
Linux	Linux Kernel	>= 2.6.0, <= 2.6.39.4

Related Weaknesses (CWE)

CWE-190

References

http://www.openwall.com/lists/oss-security/2021/07/20/2Mailing ListThird Party Advisory
http://www.securityfocus.com/bid/105407Third Party AdvisoryVDB EntryBroken Link
https://access.redhat.com/errata/RHSA-2018:2748Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2763Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2846Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2924Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2925Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2933Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3540Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3586Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3590Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3591Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3643Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14634Issue TrackingThird Party Advisory
https://security.netapp.com/advisory/ntap-20190204-0002/PatchThird Party Advisory

FAQ

What is CVE-2018-14634?

CVE-2018-14634 is a vulnerability with a CVSS score of 7.8 (HIGH). An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate t...

How severe is CVE-2018-14634?

CVE-2018-14634 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-14634?

Check the references section above for vendor advisories and patch information. Affected products include: Paloaltonetworks Pan-Os, F5 Big-Ip Access Policy Manager, F5 Big-Ip Advanced Firewall Manager, F5 Big-Ip Analytics, F5 Big-Ip Application Acceleration Manager.