CVE-2019-10142

MEDIUM

Description

A flaw was found in the Linux kernel's freescale hypervisor manager implementation, kernel versions 5.0.x up to, excluding 5.0.17. A parameter passed to an ioctl was incorrectly validated and used in size calculations for the page size calculation. An attacker can use this flaw to crash the system, corrupt memory, or create other adverse security affects.

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10142

Details

Source: MITRE

Published: 2019-07-30

Updated: 2019-10-09

Type: CWE-190

Risk Information

CVSS v2.0

Base Score: 4.6

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 3.9

Severity: MEDIUM

CVSS v3.0

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1.8

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Tenable Plugins

View all (9 total)

IDNameProductFamilySeverity
144831EulerOS Virtualization 3.0.2.6 : kernel (EulerOS-SA-2021-1056)NessusHuawei Local Security Checks
critical
131845EulerOS 2.0 SP2 : kernel (EulerOS-SA-2019-2353)NessusHuawei Local Security Checks
critical
130736EulerOS 2.0 SP3 : kernel (EulerOS-SA-2019-2274)NessusHuawei Local Security Checks
critical
130663EulerOS 2.0 SP5 : kernel (EulerOS-SA-2019-2201)NessusHuawei Local Security Checks
critical
127097Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4076-1)NessusUbuntu Local Security Checks
high
125605Amazon Linux AMI : kernel (ALAS-2019-1214)NessusAmazon Linux Local Security Checks
high
125598Amazon Linux 2 : kernel (ALAS-2019-1214)NessusAmazon Linux Local Security Checks
high
125429Fedora 29 : kernel (2019-8169b57f28)NessusFedora Local Security Checks
medium
125377Fedora 30 : kernel (2019-b318b2c6f3)NessusFedora Local Security Checks
medium