Wind River Support Network

HomeDefectsSCP6-1302
Fixed

SCP6-1302 : Security Advisory - linux - CVE-2018-14634

Created: Oct 14, 2018    Updated: Mar 8, 2020
Resolved Date: Apr 8, 2019
Found In Version: 6.0.0.38
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Kernel

Description

An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.

https://nvd.nist.gov/vuln/detail/CVE-2018-14634
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube