Rapid7 Vulnerability & Exploit Database

Huawei EulerOS: CVE-2018-14634: kernel security update

Back to Search

Huawei EulerOS: CVE-2018-14634: kernel security update

Severity

CVSS

(AV:L/AC:L/Au:N/C:C/I:C/A:C)

Published

09/25/2018

Created

03/19/2019

Added

11/08/2018

Modified

11/28/2018

Description

An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.

Solution(s)

huawei-euleros-2_0_sp3-upgrade-kernel
huawei-euleros-2_0_sp3-upgrade-kernel-debuginfo
huawei-euleros-2_0_sp3-upgrade-kernel-debuginfo-common-x86_64
huawei-euleros-2_0_sp3-upgrade-kernel-devel
huawei-euleros-2_0_sp3-upgrade-kernel-headers
huawei-euleros-2_0_sp3-upgrade-kernel-tools
huawei-euleros-2_0_sp3-upgrade-kernel-tools-libs
huawei-euleros-2_0_sp3-upgrade-perf
huawei-euleros-2_0_sp3-upgrade-python-perf

References

https://attackerkb.com/topics/cve-2018-14634
105407
CVE - 2018-14634
EulerOS-SA-2018-1362
RHSA-2018:2748
RHSA-2018:2763
RHSA-2018:2846
RHSA-2018:2924
RHSA-2018:2925
RHSA-2018:2933
RHSA-2018:3540
RHSA-2018:3586
RHSA-2018:3590
RHSA-2018:3591
RHSA-2018:3643

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Huawei EulerOS: CVE-2018-14634: kernel security update