libspice-server-devel-0.15.0-1.3 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:11397-1 Final 1 1 2024-06-15T00:00:00Z current 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z libspice-server-devel-0.15.0-1.3 on GA media These are all security issues fixed in the libspice-server-devel-0.15.0-1.3 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-11397 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2013-4282/ SUSE CVE CVE-2013-4282 page https://www.suse.com/security/cve/CVE-2016-9577/ SUSE CVE CVE-2016-9577 page https://www.suse.com/security/cve/CVE-2016-9578/ SUSE CVE CVE-2016-9578 page https://www.suse.com/security/cve/CVE-2018-10873/ SUSE CVE CVE-2018-10873 page https://www.suse.com/security/cve/CVE-2018-10893/ SUSE CVE CVE-2018-10893 page https://www.suse.com/security/cve/CVE-2019-3813/ SUSE CVE CVE-2019-3813 page https://www.suse.com/security/cve/CVE-2020-14355/ SUSE CVE CVE-2020-14355 page openSUSE Tumbleweed libspice-server-devel-0.15.0-1.3 libspice-server1-0.15.0-1.3 libspice-server-devel-0.15.0-1.3 as a component of openSUSE Tumbleweed libspice-server1-0.15.0-1.3 as a component of openSUSE Tumbleweed Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket. CVE-2013-4282 openSUSE Tumbleweed:libspice-server-devel-0.15.0-1.3 openSUSE Tumbleweed:libspice-server1-0.15.0-1.3 important 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-4282.html CVE-2013-4282 https://bugzilla.suse.com/848279 SUSE Bug 848279 A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An authenticated attacker could send crafted messages to the SPICE server causing a heap overflow leading to a crash or possible code execution. CVE-2016-9577 openSUSE Tumbleweed:libspice-server-devel-0.15.0-1.3 openSUSE Tumbleweed:libspice-server1-0.15.0-1.3 critical 10 AV:N/AC:L/Au:N/C:C/I:C/A:C 6.5 AV:N/AC:L/Au:S/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-9577.html CVE-2016-9577 https://bugzilla.suse.com/1023078 SUSE Bug 1023078 A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An attacker able to connect to the SPICE server could send crafted messages which would cause the process to crash. CVE-2016-9578 openSUSE Tumbleweed:libspice-server-devel-0.15.0-1.3 openSUSE Tumbleweed:libspice-server1-0.15.0-1.3 critical 5 AV:N/AC:L/Au:N/C:N/I:N/A:P 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-9578.html CVE-2016-9578 https://bugzilla.suse.com/1023078 SUSE Bug 1023078 https://bugzilla.suse.com/1023079 SUSE Bug 1023079 A vulnerability was discovered in SPICE before version 0.14.1 where the generated code used for demarshalling messages lacked sufficient bounds checks. A malicious client or server, after authentication, could send specially crafted messages to its peer which would result in a crash or, potentially, other impacts. CVE-2018-10873 openSUSE Tumbleweed:libspice-server-devel-0.15.0-1.3 openSUSE Tumbleweed:libspice-server1-0.15.0-1.3 important 6.5 AV:N/AC:L/Au:S/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-10873.html CVE-2018-10873 https://bugzilla.suse.com/1104448 SUSE Bug 1104448 Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A malicious server could cause the client to crash or, potentially, execute arbitrary code. CVE-2018-10893 openSUSE Tumbleweed:libspice-server-devel-0.15.0-1.3 openSUSE Tumbleweed:libspice-server1-0.15.0-1.3 moderate 6.5 AV:N/AC:L/Au:S/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-10893.html CVE-2018-10893 https://bugzilla.suse.com/1101295 SUSE Bug 1101295 Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt. This may lead to a denial of service, or, in the worst case, code-execution by unauthenticated attackers. CVE-2019-3813 openSUSE Tumbleweed:libspice-server-devel-0.15.0-1.3 openSUSE Tumbleweed:libspice-server1-0.15.0-1.3 important 5.4 AV:A/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-3813.html CVE-2019-3813 https://bugzilla.suse.com/1122706 SUSE Bug 1122706 Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE client (spice-gtk) and server are affected by these flaws. These flaws allow a malicious client or server to send specially crafted messages that, when processed by the QUIC image compression algorithm, result in a process crash or potential code execution. CVE-2020-14355 openSUSE Tumbleweed:libspice-server-devel-0.15.0-1.3 openSUSE Tumbleweed:libspice-server1-0.15.0-1.3 moderate 6.5 AV:N/AC:L/Au:S/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-14355.html CVE-2020-14355 https://bugzilla.suse.com/1177158 SUSE Bug 1177158