From theregister.co.uk
A new Linux kernel vulnerability that can only be locally exploited is nonetheless proving a bit of a nuisance.
The CVE-2018-14634 vulnerability relates to a local privilege escalation bug in the Linux kernel, and creates a means to obtain root (administrator) privileges on a hacked system.
Security researchers at cloud security firm Qualys discovered the vulnerability, which stems from an integer overflow in the Linux kernel’s create_elf_tables() function. It’s not remotely exploitable, thank heavens, but on a vulnerable 64-bit system, a “local attacker can exploit this vulnerability via a SUID-root binary and obtain full root privileges,” Qualys warns.
Read more here