CVE-2018-14634
HIGH7.8⚠ KEVEPSS 20.6%Linux Kernel Integer Overflow Vulnerability
發布日:2018/9/25修改日:2026/4/28加入 CISA KEV 日:2026/1/26
也稱為:DEBIAN-CVE-2018-14634
描述
An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.
受影響套件(1)
- Debian/linuxfrom 0, < 4.12.6-1
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.8 | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |