PAN-SA-2019-0006
Palo Alto Networks Product Security Incident Response Team
Mar 20, 2019 - 9:20 p.m.

Privilege Escalation in PAN-OS

2019-03-20 21:20:00
securityadvisories.paloaltonetworks.com

CVSS3: 7.8 High
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS2: 7.2 High
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

EPSS: 0.0004 Low
Percentile: 8.7%

Palo Alto Networks is aware of an integer overflow vulnerability in the Linux kernel’s create_elf_tables() function. (Ref # PAN-105966, CVE-2018-14634)
Successful exploitation of this issue may allow an unprivileged local user to escalate their privileges on the system.

To successfully exploit this vulnerability, an attacker would need a local user account with CLI access, as well as an unrelated vulnerability allowing the local user to execute arbitrary code in a chained attack. This combination would result in the execution of malicious code and complete control of the affected system.

This issue does not affect 32-bit systems as they do not have a large enough address space to exploit this flaw.
This issue only affects 64-bit systems with more than 32 GB of available memory.

The affected platform and versions are PAN-OS 7.1.22 and earlier running on M-500 and WF-500; PAN-OS 8.0.15 and earlier running on PA-5220, PA-5250, PA-5260, M-500 and WF-500; and PAN-OS 8.1.6 and earlier running on PA-5220, PA-5250, PA-5260, PA-5280, M-500, M-600 and WF-500. PAN-OS 9.0 is NOT affected.
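
A triage check for the affected matrix above, as an added example (not Palo Alto Networks' code). It assumes "and earlier" applies within the same major.minor branch, ignores a trailing -hN hotfix tag, and reports branches or models the advisory does not name as not_listed; the function names and inventory rows are constructed for illustration.

```python
import re

# Affected matrix transcribed from the advisory text: for each PAN-OS branch,
# the last affected release and the hardware models named for that branch.
AFFECTED = {
    (7, 1): ((7, 1, 22), {"M-500", "WF-500"}),
    (8, 0): ((8, 0, 15), {"PA-5220", "PA-5250", "PA-5260", "M-500", "WF-500"}),
    (8, 1): ((8, 1, 6), {"PA-5220", "PA-5250", "PA-5260", "PA-5280",
                         "M-500", "M-600", "WF-500"}),
}
NOT_AFFECTED_BRANCHES = {(9, 0)}  # stated explicitly in the advisory

_VERSION = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h\d+)?$")


def parse_version(text):
    """Return (major, minor, patch); a trailing -hN hotfix tag is ignored (assumption)."""
    m = _VERSION.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised PAN-OS version: {text!r}")
    return tuple(int(g) for g in m.groups())


def triage(model, version):
    """Classify one device as 'affected', 'not_affected' or 'not_listed'."""
    ver = parse_version(version)
    branch = ver[:2]
    if branch in NOT_AFFECTED_BRANCHES:
        return "not_affected"
    if branch not in AFFECTED:
        return "not_listed"      # advisory names no ceiling for this branch
    last_affected, models = AFFECTED[branch]
    if model.strip().upper() not in models:
        return "not_listed"      # model not named for this branch
    return "affected" if ver <= last_affected else "not_affected"


# Constructed inventory rows (hostname, model, PAN-OS version), not real devices.
INVENTORY = [
    ("fw-edge-1", "PA-5250", "8.0.15"),
    ("fw-edge-2", "PA-5280", "8.1.7"),
    ("pano-1", "M-600", "8.0.10"),
    ("wf-1", "wf-500", "7.1.9"),
    ("fw-lab", "PA-5220", "9.0.1"),
]

if __name__ == "__main__":
    for host, model, version in INVENTORY:
        print(f"{host:10} {model:8} {version:8} {triage(model, version)}")
```

Rows returned as not_listed need a manual check against the vendor advisory rather than being treated as safe.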

Workaround:
No workaround available.

CPE
Name     Operator  Version
pan-os   le        7.1.22
pan-os   le        8.0.15
pan-os   le        8.1.6
