PT-2019-11594 · Linux+2 · Linux Kernel+2

Marian Rehak · Published 2019-05-22 · Updated 2019-10-09 · CVE-2019-10142

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 5.0.x up to, excluding 5.0.17
Description: A flaw in the Linux kernel's Freescale hypervisor manager implementation allows an attacker to crash the system, corrupt memory, or create other adverse security effects. The cause is incorrect validation and use of a parameter passed to an ioctl in the page size calculation.
Recommendations: For Linux kernel versions 5.0.x up to, excluding 5.0.17, consider updating to version 5.0.17 or later to resolve the issue. As a temporary workaround, restrict access to the ioctl to minimize the risk of exploitation.

Exploit

Fix

Buffer Overflow

Integer Overflow

Weakness Enumeration

Related Identifiers

ALT-PU-2019-1892
ALT-PU-2019-1893
ALT-PU-2019-1896
ALT-PU-2019-2077
CVE-2019-10142
MGASA-2019-0185
MGASA-2019-0196
MGASA-2019-0197
USN-4076-1

Affected Products

Alt Linux
Linux Kernel
Ubuntu