CVE-2019-10142 Freescale hypervisor management driver integer overflow in ioctl – jul 2019

Preface: The Freescale hypervisor management driver provides several services to drivers and applications related to the Freescale hypervisor.

About: Integer overflows and other integer manipulation vulnerabilities frequently result in buffer overflows. An integer overflow occurs when an arithmetic operation results in a number that is too large to be stored in the space allocated for it.

Vulnerability details: The vulnerability exists due to integer overflow within the freescale hypervisor manager implementation in drivers/virt/fsl_hypervisor.c. A local guest user can send specially crafted data to the affected IOCTL , trigger integer overflow and execute arbitrary code on the target system.

Remedy: has released a software patch at the following link –