Last active
March 25, 2021 01:49
-
-
Save denisse-dev/7383a4ec5a7258597b7d007186044efc to your computer and use it in GitHub Desktop.
ASA-202103-10
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Arch Linux Security Advisory ASA-202103-10 | |
========================================= | |
Severity: Critical | |
Date : 2021-03-24 | |
CVE-ID : CVE-2020-14355, CVE-2021-20201 | |
Package : spice | |
Type : arbitrary code execution, denial of service | |
Remote : Yes | |
Link : https://security.archlinux.org/AVG-1239 | |
Summary | |
======= | |
The package spice before version 0.14.3-3 is vulnerable to arbitrary | |
code execution and denial of service. | |
Resolution | |
========== | |
Upgrade to 0.14.91. | |
# pacman -Syu "spice>=0.14.91" | |
The problem has been fixed upstream in version 0.14.91. | |
Workaround | |
========== | |
None. | |
Description | |
=========== | |
Multiple buffer overflow vulnerabilities were found in the QUIC image decoding | |
process of the SPICE remote display system. These flaws reside in the | |
spice-common shared code between the client and the Spice server. | |
A denial of service vulnerability was found in the OpenSSL implementation of | |
Spice. This vulnerability allows for a remote attacker to perform many TLS | |
renegotiations within a single connection resulting in a denial of service. | |
Impact | |
====== | |
An attacker might be able to cause a denial of service or execute arbitrary code | |
using a specially crafted message. | |
References | |
========== | |
https://www.openwall.com/lists/oss-security/2020/10/06/10 | |
https://gitlab.freedesktop.org/spice/spice-common/-/commit/762e0aba | |
https://gitlab.freedesktop.org/spice/spice-common/-/commit/404d7478 | |
https://gitlab.freedesktop.org/spice/spice-common/-/commit/ef1b6ff7 | |
https://gitlab.freedesktop.org/spice/spice-common/-/commit/b24fe6b6 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1921846 | |
https://gitlab.freedesktop.org/spice/spice/-/issues/49 | |
https://gitlab.freedesktop.org/spice/spice/-/merge_requests/150 | |
https://gitlab.freedesktop.org/spice/spice/-/commit/95a0cfac8a1c8eff50f05e65df945da3bb501fc9 | |
https://gitlab.freedesktop.org/spice/spice/-/commit/ca5bbc5692e052159bce1a75f55dc60b36078749 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment