Is CVE-2018-14634 actively exploited?

CVE-2018-14634 has no public evidence of in-the-wild exploitation as of 2026-01-27.

What is the CVSS score for CVE-2018-14634?

CVE-2018-14634 has a CVSS score of 7.8 (HIGH severity). Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

How do I patch CVE-2018-14634?

Patch guidance is available from paloaltonetworks security advisories. CVEDatabase generates AI-assisted remediation guidance on demand for CVE-2018-14634.

Fix CVE-2018-14634 - HIGH paloaltonetworks pan-os

Q: Which products are affected by CVE-2018-14634?

97 products: paloaltonetworks pan-os, paloaltonetworks pan-os, paloaltonetworks pan-os, f5 big-ip access policy manager, f5 big-ip access policy manager, and 92 more.

Description

An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.

CVSS Metrics

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector: local
Complexity: low
Privileges: low
User Action: none
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high
Weaknesses: CWE-190 · Integer Overflow CWE-190 · Integer Overflow

Metadata

Primary Vendor: PALOALTONETWORKS
Published: 9/25/2018
Last Modified: 1/27/2026
Source: NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

paloaltonetworks : pan-ospaloaltonetworks : pan-ospaloaltonetworks : pan-osf5 : big-ip_access_policy_managerf5 : big-ip_access_policy_managerf5 : big-ip_access_policy_managerf5 : big-ip_access_policy_managerf5 : big-ip_access_policy_managerf5 : big-ip_advanced_firewall_managerf5 : big-ip_advanced_firewall_managerf5 : big-ip_advanced_firewall_managerf5 : big-ip_advanced_firewall_managerf5 : big-ip_advanced_firewall_managerf5 : big-ip_analyticsf5 : big-ip_analyticsf5 : big-ip_analyticsf5 : big-ip_analyticsf5 : big-ip_analyticsf5 : big-ip_application_acceleration_managerf5 : big-ip_application_acceleration_managerf5 : big-ip_application_acceleration_managerf5 : big-ip_application_acceleration_managerf5 : big-ip_application_acceleration_managerf5 : big-ip_application_security_managerf5 : big-ip_application_security_managerf5 : big-ip_application_security_managerf5 : big-ip_application_security_managerf5 : big-ip_application_security_managerf5 : big-ip_domain_name_systemf5 : big-ip_domain_name_systemf5 : big-ip_domain_name_systemf5 : big-ip_domain_name_systemf5 : big-ip_domain_name_systemf5 : big-ip_edge_gatewayf5 : big-ip_edge_gatewayf5 : big-ip_edge_gatewayf5 : big-ip_edge_gatewayf5 : big-ip_edge_gatewayf5 : big-ip_fraud_protection_servicef5 : big-ip_fraud_protection_servicef5 : big-ip_fraud_protection_servicef5 : big-ip_fraud_protection_servicef5 : big-ip_fraud_protection_servicef5 : big-ip_global_traffic_managerf5 : big-ip_global_traffic_managerf5 : big-ip_global_traffic_managerf5 : big-ip_global_traffic_managerf5 : big-ip_global_traffic_managerf5 : big-ip_link_controllerf5 : big-ip_link_controllerf5 : big-ip_link_controllerf5 : big-ip_link_controllerf5 : big-ip_link_controllerf5 : big-ip_local_traffic_managerf5 : big-ip_local_traffic_managerf5 : big-ip_local_traffic_managerf5 : big-ip_local_traffic_managerf5 : big-ip_local_traffic_managerf5 : big-ip_policy_enforcement_managerf5 : big-ip_policy_enforcement_managerf5 : big-ip_policy_enforcement_managerf5 : big-ip_policy_enforcement_managerf5 : big-ip_policy_enforcement_managerf5 : big-ip_webacceleratorf5 : big-ip_webacceleratorf5 : big-ip_webacceleratorf5 : big-ip_webacceleratorf5 : big-ip_webacceleratorf5 : big-iq_centralized_managementf5 : big-iq_centralized_managementf5 : big-iq_centralized_managementf5 : big-iq_centralized_managementf5 : big-iq_cloud_and_orchestrationf5 : enterprise_managerf5 : iworkflowf5 : traffix_signaling_delivery_controllerf5 : traffix_signaling_delivery_controllerlinux : linux_kernellinux : linux_kernellinux : linux_kernelredhat : enterprise_linux_desktopredhat : enterprise_linux_desktopredhat : enterprise_linux_serverredhat : enterprise_linux_serverredhat : enterprise_linux_server_ausredhat : enterprise_linux_server_ausredhat : enterprise_linux_server_ausredhat : enterprise_linux_server_eusredhat : enterprise_linux_server_eusredhat : enterprise_linux_server_eusredhat : enterprise_linux_server_tusredhat : enterprise_linux_server_tusredhat : enterprise_linux_workstationredhat : enterprise_linux_workstationcanonical : ubuntu_linuxcanonical : ubuntu_linuxnetapp : snapprotect

Remediation Guidance

Executive Summary

View on NIST NVD