CVE-2018-10873

Name of the Vulnerable Software and Affected Versions SPICE versions prior to 0.14.1

Description A vulnerability was discovered in the demarshalling of messages, where the generated code lacked sufficient bounds checks. This could allow a malicious client or server, after authentication, to send specially crafted messages to its peer, resulting in a crash or potentially other impacts. The issue is related to errors in message processing, leading to buffer overflow. Exploitation of the vulnerability could allow a remote attacker to access confidential information or cause a denial of service.

Recommendations For versions prior to 0.14.1, update to version 0.14.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the demarshal.py function or the write validate array item() function until a patch is available. Avoid using the vulnerable demarshalling code in the SPICE protocol until the issue is resolved.