CVE-2019-10142
Public on 2019-05-29
Modified on 2019-07-22
Description
A flaw was found in the Linux kernel's freescale hypervisor manager implementation. A parameter passed to an ioctl was incorrectly validated and used in size calculations for the page size calculation. An attacker can use this flaw to crash the system, corrupt memory, or create other adverse security affects.
Severity
Important
CVSS v3 Base Score
See breakdown
Affected Packages
| Platform | Package | Release Date | Advisory | Status |
|---|---|---|---|---|
| Amazon Linux 1 | kernel | 2019-05-29 | ALAS-2019-1214 | Fixed |
| Amazon Linux 2 - Core | kernel | 2019-05-29 | ALAS2-2019-1214 | Fixed |
CVSS Scores
| Score Type | Score | Vector | |
|---|---|---|---|
| Amazon Linux | CVSSv3 | 7.1 | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H |
| NVD | CVSSv2 | 4.6 | AV:L/AC:L/Au:N/C:P/I:P/A:P |
| NVD | CVSSv3 | 7.8 | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |