
CVE-2019-3813

Published: 28 January 2019

Spice versions 0.5.2 through 0.14.1 are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt. This may lead to a denial of service or, in the worst case, code execution by unauthenticated attackers.

Notes

Author: leosilva
Note: Issues that touch python_modules for spice in Xenial need to be addressed in spice-protocol.

Priority

High

CVSS 3 base score: 7.5

Status

Package: spice (Launchpad, Ubuntu, Debian)
Release    Status
bionic     Released (0.14.0-1ubuntu2.4)
cosmic     Released (0.14.0-1ubuntu4.2)
precise    Does not exist
trusty     Released (0.12.4-0nocelt2ubuntu1.8)
upstream   Pending (0.14.2)
xenial     Released (0.12.6-4ubuntu0.4)

Package: spice-gtk (Launchpad, Ubuntu, Debian)
Release    Status
bionic     Not vulnerable (code not present)
cosmic     Not vulnerable (code not present)
precise    Does not exist
trusty     Does not exist (trusty was not-affected [code not present])
upstream   Not vulnerable (code not present)
xenial     Not vulnerable (code not present)

Package: spice-protocol (Launchpad, Ubuntu, Debian)
Release    Status
bionic     Not vulnerable (code not present)
cosmic     Not vulnerable (code not present)
precise    Does not exist
trusty     Does not exist (trusty was not-affected [code not present])
upstream   Not vulnerable (code not present)
xenial     Not vulnerable (code not present)