CVE-2018-14634

high

F5 ⚠️ CISA KEV — Exploited in the Wild

CVSS v3 Base Score

7.8

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score

25.7%

Exploitation probability in 30 days

Top 4% most likely to be exploited

Attack Characteristics

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Confidentiality

High

Integrity

High

Availability

High

Published: September 25, 2018 (2787 days ago)

Last Modified: January 27, 2026

Vendor: F5

⚠️ CISA Known Exploited Vulnerability

Added to KEV: 2026-01-26

Remediation Due: 2026-02-16 (⚠ 87d overdue)

Description

An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.

CWE

CWE-190

Affected Products

paloaltonetworks pan-osf5 big-ip access policy managerf5 big-ip advanced firewall managerf5 big-ip analyticsf5 big-ip application acceleration managerf5 big-ip application security managerf5 big-ip domain name systemf5 big-ip edge gatewayf5 big-ip fraud protection servicef5 big-ip global traffic manager

References

🔗 www.openwall.com 🔗 www.securityfocus.com 🔗 access.redhat.com 🔗 access.redhat.com 🔗 access.redhat.com

CVE-2018-14634

⚠️ CISA Known Exploited Vulnerability

Vulnerability Report

Description

CWE

Affected Products

References