PT-2019-1508 · Red Hat+4 · Spice+5

Christophe Fergeau

·

Publicado

2019-01-11

·

Atualizado

2024-06-15

·

CVE-2019-3813

CVSS v3.1

7.5

Alta

VetorAV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Spice versions 0.5.2 through 0.14.1
Description The issue is related to an out-of-bounds read due to an off-by-one error in the memslot get virt function. This may lead to a denial of service or, in the worst case, code execution by unauthenticated attackers. The vulnerability is associated with the Spice remote virtual "desktop" rendering system and can be exploited by remote attackers.
Recommendations For Spice versions 0.5.2 through 0.14.1, consider disabling the memslot get virt function as a temporary workaround until a patch is available. Restrict access to the Spice library to minimize the risk of exploitation. Avoid using the vulnerable memslot get virt function in the affected Spice versions until the issue is resolved.

Correção

DoS

Out of bounds Read

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-125CWE-193

Identificadores relacionados

ALT-PU-2019-1972
ALT-PU-2019-1989
BDU:2019-00950
BDU:2019-01178
CESA-2019_0231
CESA-2019_0232
CVE-2019-3813
DLA-1649-1
DSA-4375-1
MGASA-2019-0100
OPENSUSE-SU-2019:0167-1
OPENSUSE-SU-2019_0167-1
OPENSUSE-SU-2019_0176-1
OPENSUSE-SU-2024:11397-1
RHSA-2019:0231
RHSA-2019:0232
RHSA-2019:0457
RHSA-2019_0231
RHSA-2019_0232
SUSE-SU-2019:0229-1
SUSE-SU-2019:0230-1
SUSE-SU-2019:0231-1
SUSE-SU-2019:0231-2
SUSE-SU-2019:0241-1
SUSE-SU-2019:0242-1
SUSE-SU-2019:13943-1
SUSE-SU-2019_0229-1
SUSE-SU-2019_0230-1
SUSE-SU-2019_0231-1
SUSE-SU-2019_0231-2
SUSE-SU-2019_0241-1
SUSE-SU-2019_0242-1
SUSE-SU-2019_13943-1
USN-3870-1

Produtos afetados

Alt Linux
Centos
Red Hat
Spice
Suse
Ubuntu