CVE-2019-10142

Severity: 7.8 HIGH
EPSS: 0.1% (top 82.97%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Jul 30; latest update May 24

Description

A flaw was found in the Linux kernel's Freescale hypervisor manager implementation, in kernel versions 5.0.x up to, but excluding, 5.0.17. A parameter passed to an ioctl was incorrectly validated and then used in size calculations for the page size calculation. An attacker can use this flaw to crash the system, corrupt memory, or create other adverse security effects.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Exploitability: 1.8 | Impact: 5.2

Affected Packages (3 packages)

NVD: linux/linux_kernel, 5.0, 5.0.17
CVEListV5: redhat/kernel, 5.0.x up to, excluding 5.0.17
Debian: linux, < 5.2.6-1 (+3)

🔴 Vulnerability Details (3)

GHSA: GHSA-hr9w-2cfw-r557: A flaw was found in the Linux kernel's freescale hypervisor manager implementation, kernel versions 5 (2022-05-24)
CVEList: CVE-2019-10142: A flaw was found in the Linux kernel's freescale hypervisor manager implementation, kernel versions 5 (2019-07-30)
OSV: CVE-2019-10142: A flaw was found in the Linux kernel's freescale hypervisor manager implementation, kernel versions 5 (2019-07-30)

📋 Vendor Advisories (3)

Ubuntu: Linux kernel vulnerabilities (2019-07-25)
Red Hat: kernel: integer overflow in ioctl handling of fsl hypervisor (2019-05-14)
Debian: CVE-2019-10142: linux - A flaw was found in the Linux kernel's freescale hypervisor manager implementati... (2019)

💬 Community (2)

Bugzilla: CVE-2019-10142 kernel: integer overflow in ioctl handling of fsl hypervisor (2019-05-17)
Bugzilla: CVE-2019-10142 kernel: assumption of correct user input in drivers/virt/fsl_hypervisor.c leads to integer overflow [fedora-all] (2019-05-17)