
Mageia: 2019-0100 Moderate: Spice Out-Of-Bounds Read Denial Of Service

Mageia, February 22, 2019
Updated spice packages fix security vulnerabilities affecting versions 0.5.2 through 0.14.1 on Mageia distributions.

Summary

Spice versions 0.5.2 through 0.14.1 are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt. This may lead to a denial of service or, in the worst case, code execution by unauthenticated attackers. (CVE-2019-3813)
A vulnerability was discovered in SPICE before version 0.14.1 where the generated code used for demarshalling messages lacked sufficient bounds checks. A malicious client or server, after authentication, could send specially crafted messages to its peer which would result in a crash or, potentially, other impacts. (CVE-2018-10873)
Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A malicious server could cause the client to crash or, potentially, execute arbitrary code. (CVE-2018-10893)
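The off-by-one boundary check behind CVE-2019-3813, as an added illustration that is not spice's own code (the MemSlot/MemSlotGroup structures, function names and slot values are hypothetical): the vulnerable predicate accepts an index equal to the table size, while the corrected lookup rejects it and also range-checks the client-supplied address without integer wrap.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Constructed stand-in for a per-client memory slot table; the field and
 * function names are hypothetical and not taken from spice-common. */
typedef struct { uint64_t virt_start, virt_end; } MemSlot;   /* end exclusive */
typedef struct { const MemSlot *slots; size_t num_slots; } MemSlotGroup;

/* Vulnerable shape of the index test: `>` instead of `>=` accepts
 * slot_id == num_slots, i.e. the element one past the end of the table. */
bool slot_id_accepted_off_by_one(size_t num_slots, size_t slot_id) {
    return !(slot_id > num_slots);
}

/* Corrected test: only indices 0 .. num_slots-1 are valid. */
bool slot_id_accepted_fixed(size_t num_slots, size_t slot_id) {
    return !(slot_id >= num_slots);
}

/* Translate a client-supplied [addr, addr+size) range to an offset inside
 * the chosen slot. Returns the offset, or -1 if the index is out of range,
 * the size is zero or larger than the slot, or the range leaves the slot.
 * The address test is written as addr > end - size so addr + size cannot wrap. */
int64_t memslot_translate(const MemSlotGroup *g, size_t slot_id,
                          uint64_t addr, uint64_t size) {
    if (!slot_id_accepted_fixed(g->num_slots, slot_id))
        return -1;
    const MemSlot *s = &g->slots[slot_id];
    if (size == 0 || size > s->virt_end - s->virt_start)
        return -1;
    if (addr < s->virt_start || addr > s->virt_end - size)
        return -1;
    return (int64_t)(addr - s->virt_start);
}

/* Two constructed slots used by demo_translate (sample data, not real). */
static const MemSlot demo_slots[2] = { { 0x1000, 0x2000 }, { 0x5000, 0x9000 } };
static const MemSlotGroup demo_group = { demo_slots, 2 };

int64_t demo_translate(size_t slot_id, uint64_t addr, uint64_t size) {
    return memslot_translate(&demo_group, slot_id, addr, size);
}
```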

References

- https://bugs.mageia.org/show_bug.cgi?id=24257

- https://www.openwall.com/lists/oss-security/2019/01/28/2

- https://access.redhat.com/errata/RHSA-2019:0231

- https://ubuntu.com/security/notices/USN-3870-1

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/OWH2AHGKTPR5QUGXUYGY6CAEI3O7RPLL/

- https://www.openwall.com/lists/oss-security/2018/08/17/1

- https://www.cve.org/CVERecord?id=CVE-2019-3813

- https://www.cve.org/CVERecord?id=CVE-2018-10873

- https://www.cve.org/CVERecord?id=CVE-2018-10893

Resolution

SRPMS

- 6/core/spice-0.13.90-1.2.mga6

Publication date: 22 Feb 2019
URL: https://advisories.mageia.org/MGASA-2019-0100.html
Type: security
CVE: CVE-2019-3813, CVE-2018-10873, CVE-2018-10893
