vulnerability

Amazon Linux AMI: CVE-2018-14634: Security patch for kernel (ALAS-2018-1087)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:L/AC:L/Au:N/C:C/I:C/A:C)	09/26/2018	10/05/2018	10/14/2022

Severity

CVSS

(AV:L/AC:L/Au:N/C:C/I:C/A:C)

Published

09/26/2018

Added

10/05/2018

Modified

10/14/2022

Description

An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.

Solution

amazon-linux-upgrade-kernel

References

AMAZON-ALAS-2018-1087
UBUNTU-USN-3775-1
UBUNTU-USN-3775-2
UBUNTU-USN-3779-1
NVD-CVE-2018-14634

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today