
CVE-2019-3813

Published: 28 January 2019

Spice versions 0.5.2 through 0.14.1 are vulnerable to an out-of-bounds read caused by an off-by-one error in memslot_get_virt. This may lead to a denial of service or, in the worst case, code execution by unauthenticated attackers.

Priority

High

CVSS 3 base score: 7.5

Status

Package: spice (Launchpad, Ubuntu, Debian)
  Upstream: Pending (0.14.2)
  Ubuntu 18.04 LTS (Bionic Beaver): Released (0.14.0-1ubuntu2.4)
  Ubuntu 16.04 ESM (Xenial Xerus): Released (0.12.6-4ubuntu0.4)
  Ubuntu 14.04 ESM (Trusty Tahr): Released (0.12.4-0nocelt2ubuntu1.8)

Package: spice-gtk (Launchpad, Ubuntu, Debian)
  Upstream: Not vulnerable (code not present)
  Ubuntu 18.04 LTS (Bionic Beaver): Not vulnerable (code not present)
  Ubuntu 16.04 ESM (Xenial Xerus): Not vulnerable (code not present)
  Ubuntu 14.04 ESM (Trusty Tahr): Does not exist (trusty was not-affected [code not present])

Package: spice-protocol (Launchpad, Ubuntu, Debian)
  Upstream: Not vulnerable (code not present)
  Ubuntu 18.04 LTS (Bionic Beaver): Not vulnerable (code not present)
  Ubuntu 16.04 ESM (Xenial Xerus): Not vulnerable (code not present)
  Ubuntu 14.04 ESM (Trusty Tahr): Does not exist (trusty was not-affected [code not present])

Notes

Author: leosilva
Note: Issues that touch python_modules for spice in Xenial need to be addressed in spice-protocol.
