CVE Database · CVE-2018-14634
CVSS v3.1
N/A
EPSS
14.81%
Published
Sep 25, 2018
Modified
Jan 27, 2026
CISA Known Exploited Vulnerability
Added: 2026-01-26 · Due: 2026-02-16
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Public PoC / Exploit (3)
All weaponized →Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.
Weaknesses (CWE)
Affected Products (97)
References (20)
...and 47 more
