Vulnerability-Lookup

WID-SEC-W-2026-0217

Vulnerability from csaf_certbund - Published: 2018-09-25 22:00 - Updated: 2026-01-26 23:00

Summary

Linux Kernel: Schwachstelle ermöglicht Privilegieneskalation

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Der Kernel stellt den Kern des Linux Betriebssystems dar. Die Produkte der Red Hat Enterprise Linux Produktfamilie sind Linux-Distribution der Firma Red Hat.

Angriff: Ein lokaler Angreifer kann eine Schwachstelle in Linux Kernel und Red Hat Enterprise Linux ausnutzen, um seine Privilegien zu erhöhen.

Betroffene Betriebssysteme: - Linux

CVE-2018-14634

Affected products

Known affected 5 products

Product	Identifier	Version
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Open Source CentOS Open Source	`cpe:/o:centos:centos:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—

References

31 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://nvd.nist.gov/vuln/detail/CVE-2018-14634	external
https://access.redhat.com/errata/RHSA-2018:2763	external
https://access.redhat.com/errata/RHSA-2018:2748	external
http://linux.oracle.com/errata/ELSA-2018-2748.html	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
http://linux.oracle.com/errata/ELSA-2018-4230.html	external
http://linux.oracle.com/errata/ELSA-2018-4233.html	external
http://linux.oracle.com/errata/ELSA-2018-4234.html	external
https://www.suse.com/support/update/announcement/…	external
http://linux.oracle.com/errata/ELSA-2018-2846.html	external
http://rhn.redhat.com/errata/RHSA-2018-2846.html	external
https://www.suse.com/support/update/announcement/…	external
http://linux.oracle.com/errata/ELSA-2018-4245.html	external
http://linux.oracle.com/errata/ELSA-2018-4250.html	external
https://www.suse.com/support/update/announcement/…	external
http://rhn.redhat.com/errata/RHSA-2018-2933.html	external
http://rhn.redhat.com/errata/RHSA-2018-2925.html	external
http://rhn.redhat.com/errata/RHSA-2018-2924.html	external
https://support.f5.com/csp/article/K20934447	external
http://linux.oracle.com/errata/ELSA-2018-3083.html	external
https://access.redhat.com/errata/RHSA-2018:3591	external
https://access.redhat.com/errata/RHSA-2018:3540	external
https://access.redhat.com/errata/RHSA-2018:3586	external
https://access.redhat.com/errata/RHSA-2018:3590	external
https://access.redhat.com/errata/RHSA-2018:3643	external
https://www.suse.com/support/update/announcement/…	external
https://www.cisa.gov/news-events/alerts/2026/01/2…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.\r\nDie Produkte der Red Hat Enterprise Linux Produktfamilie sind Linux-Distribution der Firma Red Hat.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann eine Schwachstelle in Linux Kernel und Red Hat Enterprise Linux ausnutzen, um seine Privilegien zu erh\u00f6hen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-0217 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2018/wid-sec-w-2026-0217.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-0217 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0217"
      },
      {
        "category": "external",
        "summary": "Eintrag in der NIST Datenbank vom 2018-09-25",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14634"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisory",
        "url": "https://access.redhat.com/errata/RHSA-2018:2763"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisory",
        "url": "https://access.redhat.com/errata/RHSA-2018:2748"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2018-2748 vom 2018-09-26",
        "url": "http://linux.oracle.com/errata/ELSA-2018-2748.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2018:2879-1 vom 2018-09-27",
        "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182879-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2018:2908-1 vom 2018-09-28",
        "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182908-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2018:2907-1 vom 2018-09-28",
        "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182907-1.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2018-4230 vom 2018-09-29",
        "url": "http://linux.oracle.com/errata/ELSA-2018-4230.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2018-4233 vom 2018-09-29",
        "url": "http://linux.oracle.com/errata/ELSA-2018-4233.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2018-4234 vom 2018-09-29",
        "url": "http://linux.oracle.com/errata/ELSA-2018-4234.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2018:3083-1 vom 2018-10-09",
        "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183083-1.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2018-2846 vom 2018-10-10",
        "url": "http://linux.oracle.com/errata/ELSA-2018-2846.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2018:2846 vom 2018-10-09",
        "url": "http://rhn.redhat.com/errata/RHSA-2018-2846.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2018:3088-1 vom 2018-10-10",
        "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183088-1.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2018-4245 vom 2018-10-11",
        "url": "http://linux.oracle.com/errata/ELSA-2018-4245.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2018-4250 vom 2018-10-13",
        "url": "http://linux.oracle.com/errata/ELSA-2018-4250.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2018:3171-1 vom 2018-10-17",
        "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183171-1.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2018:2933 vom 2018-10-16",
        "url": "http://rhn.redhat.com/errata/RHSA-2018-2933.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2018:2925 vom 2018-10-16",
        "url": "http://rhn.redhat.com/errata/RHSA-2018-2925.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2018:2924 vom 2018-10-16",
        "url": "http://rhn.redhat.com/errata/RHSA-2018-2924.html"
      },
      {
        "category": "external",
        "summary": "F5 Security Advisory K20934447 vom 2018-10-22",
        "url": "https://support.f5.com/csp/article/K20934447"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2018-3083 vom 2018-11-06",
        "url": "http://linux.oracle.com/errata/ELSA-2018-3083.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2018:3591 vom 2018-11-14",
        "url": "https://access.redhat.com/errata/RHSA-2018:3591"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2018:3540 vom 2018-11-14",
        "url": "https://access.redhat.com/errata/RHSA-2018:3540"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2018:3586 vom 2018-11-14",
        "url": "https://access.redhat.com/errata/RHSA-2018:3586"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2018:3590 vom 2018-11-14",
        "url": "https://access.redhat.com/errata/RHSA-2018:3590"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2018:3643 vom 2018-11-20",
        "url": "https://access.redhat.com/errata/RHSA-2018:3643"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2018:2908-2 vom 2019-04-28",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20182908-2.html"
      },
      {
        "category": "external",
        "summary": "CISA Known Exploited Vulnerabilities Catalog vom 2026-01-26",
        "url": "https://www.cisa.gov/news-events/alerts/2026/01/26/cisa-adds-five-known-exploited-vulnerabilities-catalog"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Schwachstelle erm\u00f6glicht Privilegieneskalation",
    "tracking": {
      "current_release_date": "2026-01-26T23:00:00.000+00:00",
      "generator": {
        "date": "2026-01-27T07:31:20.931+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2026-0217",
      "initial_release_date": "2018-09-25T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2018-09-25T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initial Release"
        },
        {
          "date": "2018-09-25T22:00:00.000+00:00",
          "number": "2",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2018-09-26T22:00:00.000+00:00",
          "number": "3",
          "summary": "New remediations available"
        },
        {
          "date": "2018-09-27T22:00:00.000+00:00",
          "number": "4",
          "summary": "New remediations available"
        },
        {
          "date": "2018-09-30T22:00:00.000+00:00",
          "number": "5",
          "summary": "New remediations available"
        },
        {
          "date": "2018-10-09T22:00:00.000+00:00",
          "number": "6",
          "summary": "New remediations available"
        },
        {
          "date": "2018-10-09T22:00:00.000+00:00",
          "number": "7",
          "summary": "New remediations available"
        },
        {
          "date": "2018-10-10T22:00:00.000+00:00",
          "number": "8",
          "summary": "New remediations available"
        },
        {
          "date": "2018-10-14T22:00:00.000+00:00",
          "number": "9",
          "summary": "New remediations available"
        },
        {
          "date": "2018-10-16T22:00:00.000+00:00",
          "number": "10",
          "summary": "New remediations available"
        },
        {
          "date": "2018-10-16T22:00:00.000+00:00",
          "number": "11",
          "summary": "New remediations available"
        },
        {
          "date": "2018-10-22T22:00:00.000+00:00",
          "number": "12",
          "summary": "New remediations available"
        },
        {
          "date": "2018-11-05T23:00:00.000+00:00",
          "number": "13",
          "summary": "New remediations available"
        },
        {
          "date": "2018-11-13T23:00:00.000+00:00",
          "number": "14",
          "summary": "New remediations available"
        },
        {
          "date": "2018-11-20T23:00:00.000+00:00",
          "number": "15",
          "summary": "New remediations available"
        },
        {
          "date": "2019-04-28T22:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2026-01-26T23:00:00.000+00:00",
          "number": "17",
          "summary": "Schwachstelle wird ausgenutzt"
        }
      ],
      "status": "final",
      "version": "17"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source CentOS",
            "product": {
              "name": "Open Source CentOS",
              "product_id": "1727",
              "product_identification_helper": {
                "cpe": "cpe:/o:centos:centos:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Open Source Linux Kernel",
            "product": {
              "name": "Open Source Linux Kernel",
              "product_id": "6368",
              "product_identification_helper": {
                "cpe": "cpe:/o:linux:linux_kernel:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-14634",
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "6368",
          "1727",
          "T004914"
        ]
      },
      "release_date": "2018-09-25T22:00:00.000+00:00",
      "title": "CVE-2018-14634"
    }
  ]
}

CVE-2018-14634 (GCVE-0-2018-14634)

Vulnerability from cvelistv5 – Published: 2018-09-25 21:00 – Updated: 2026-01-27 13:34

Summary

An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.

Severity

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

SSVC

Exploitation: active Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-190

Assigner

redhat

References

23 references

URL	Tags
https://access.redhat.com/errata/RHSA-2018:3540	vendor-advisoryx_refsource_REDHAT
https://security.netapp.com/advisory/ntap-2019020…	x_refsource_CONFIRM
https://access.redhat.com/errata/RHSA-2018:2925	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:3591	vendor-advisoryx_refsource_REDHAT
https://www.exploit-db.com/exploits/45516/	exploitx_refsource_EXPLOIT-DB
https://usn.ubuntu.com/3775-1/	vendor-advisoryx_refsource_UBUNTU
https://access.redhat.com/errata/RHSA-2018:2933	vendor-advisoryx_refsource_REDHAT
https://usn.ubuntu.com/3779-1/	vendor-advisoryx_refsource_UBUNTU
https://access.redhat.com/errata/RHSA-2018:2748	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:3590	vendor-advisoryx_refsource_REDHAT
https://usn.ubuntu.com/3775-2/	vendor-advisoryx_refsource_UBUNTU
https://access.redhat.com/errata/RHSA-2018:2763	vendor-advisoryx_refsource_REDHAT
http://www.securityfocus.com/bid/105407	vdb-entryx_refsource_BID
https://access.redhat.com/errata/RHSA-2018:2924	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:3586	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:3643	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2846	vendor-advisoryx_refsource_REDHAT
https://www.openwall.com/lists/oss-security/2018/…	mailing-listx_refsource_MLIST
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2…	x_refsource_CONFIRM
https://support.f5.com/csp/article/K20934447?utm_…	x_refsource_CONFIRM
https://security.paloaltonetworks.com/CVE-2018-14634	x_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2021/07/20/2	mailing-listx_refsource_MLIST
https://www.cisa.gov/known-exploited-vulnerabilit…	government-resource

Impacted products

1 product

Vendor	Product	Version
The Linux Foundation	kernel	Affected: 2.6.x, 3.10.x, 4.14.x

Date Public

2018-09-25 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:38:13.057Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2018:3540",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3540"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20190204-0002/"
          },
          {
            "name": "RHSA-2018:2925",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2925"
          },
          {
            "name": "RHSA-2018:3591",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3591"
          },
          {
            "name": "45516",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/45516/"
          },
          {
            "name": "USN-3775-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3775-1/"
          },
          {
            "name": "RHSA-2018:2933",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2933"
          },
          {
            "name": "USN-3779-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3779-1/"
          },
          {
            "name": "RHSA-2018:2748",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2748"
          },
          {
            "name": "RHSA-2018:3590",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3590"
          },
          {
            "name": "USN-3775-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3775-2/"
          },
          {
            "name": "RHSA-2018:2763",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2763"
          },
          {
            "name": "105407",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105407"
          },
          {
            "name": "RHSA-2018:2924",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2924"
          },
          {
            "name": "RHSA-2018:3586",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3586"
          },
          {
            "name": "RHSA-2018:3643",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3643"
          },
          {
            "name": "RHSA-2018:2846",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2846"
          },
          {
            "name": "[oss-security] 20180925 Integer overflow in Linux\u0027s create_elf_tables() (CVE-2018-14634)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://www.openwall.com/lists/oss-security/2018/09/25/4"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14634"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K20934447?utm_source=f5support\u0026amp%3Butm_medium=RSS"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2018-14634"
          },
          {
            "name": "[oss-security] 20210720 CVE-2021-33910: Denial of service (stack exhaustion) in systemd (PID 1)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/07/20/2"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-14634",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-27T04:55:37.112982Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2026-01-26",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-14634"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-27T13:34:52.261Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-14634"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "kernel",
          "vendor": "The Linux Foundation",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.x, 3.10.x, 4.14.x"
            }
          ]
        }
      ],
      "datePublic": "2018-09-25T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "An integer overflow flaw was found in the Linux kernel\u0027s create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-07-20T14:06:15.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2018:3540",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3540"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20190204-0002/"
        },
        {
          "name": "RHSA-2018:2925",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2925"
        },
        {
          "name": "RHSA-2018:3591",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3591"
        },
        {
          "name": "45516",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/45516/"
        },
        {
          "name": "USN-3775-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3775-1/"
        },
        {
          "name": "RHSA-2018:2933",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2933"
        },
        {
          "name": "USN-3779-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3779-1/"
        },
        {
          "name": "RHSA-2018:2748",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2748"
        },
        {
          "name": "RHSA-2018:3590",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3590"
        },
        {
          "name": "USN-3775-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3775-2/"
        },
        {
          "name": "RHSA-2018:2763",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2763"
        },
        {
          "name": "105407",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105407"
        },
        {
          "name": "RHSA-2018:2924",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2924"
        },
        {
          "name": "RHSA-2018:3586",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3586"
        },
        {
          "name": "RHSA-2018:3643",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3643"
        },
        {
          "name": "RHSA-2018:2846",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2846"
        },
        {
          "name": "[oss-security] 20180925 Integer overflow in Linux\u0027s create_elf_tables() (CVE-2018-14634)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://www.openwall.com/lists/oss-security/2018/09/25/4"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14634"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K20934447?utm_source=f5support\u0026amp%3Butm_medium=RSS"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2018-14634"
        },
        {
          "name": "[oss-security] 20210720 CVE-2021-33910: Denial of service (stack exhaustion) in systemd (PID 1)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/07/20/2"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2018-14634",
    "datePublished": "2018-09-25T21:00:00.000Z",
    "dateReserved": "2018-07-27T00:00:00.000Z",
    "dateUpdated": "2026-01-27T13:34:52.261Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

WID-SEC-W-2026-0217

CVE-2018-14634 (GCVE-0-2018-14634)

Tags

Sightings

Nomenclature