CVE-2018-14634
Published: 25 September 2018
Summary
CVE-2018-14634 is a high-severity Integer Overflow or Wraparound (CWE-190) vulnerability in F5 Big-Ip Access Policy Manager. Its CVSS base score is 7.8 (High).
Operationally, ranked in the top 4.3% of CVEs by exploit likelihood; CISA has added it to the Known Exploited Vulnerabilities catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and AC-6 (Least Privilege).
Deeper analysis
An integer overflow flaw was found in the Linux kernel's create_elf_tables() function, tracked as CVE-2018-14634 and CWE-190. The issue affects kernel versions 2.6.x, 3.10.x, and 4.14.x and carries a CVSS 3.0 base score of 7.8.
An unprivileged local user with access to an SUID binary or other privileged executable can exploit the flaw to escalate privileges on the affected system. The attack requires local access but no user interaction and results in full compromise of confidentiality, integrity, and availability.
Red Hat has published errata RHSA-2018:2748, RHSA-2018:2763, and RHSA-2018:2846 that provide updated kernels; additional details appear in the referenced Openwall and SecurityFocus entries. No information on observed in-the-wild exploitation is supplied in the source data.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2018-6537
Vulnerability details
An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and…
more
4.14.x are believed to be vulnerable.
- CWE(s)
- KEV Date Added
- 26 January 2026
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly requires installation of the vendor kernel patches (RHSA-2018:2748 etc.) that eliminate the integer-overflow flaw in create_elf_tables().
Enforces least-privilege execution so that only the minimal set of users may invoke SUID binaries that trigger the vulnerable code path.
Restricts the system to the least functionality by removing or disabling unnecessary SUID binaries that an unprivileged user could otherwise abuse.