PT-2019-1508 · Red Hat+4 · Spice+5

Christophe Fergeau

Published

2019-01-11

Updated

2024-06-15

CVE-2019-3813

CVSS v3.1

7.5

High

Vector

AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Spice versions 0.5.2 through 0.14.1

Description The issue is related to an out-of-bounds read due to an off-by-one error in the memslot get virt function. This may lead to a denial of service or, in the worst case, code execution by unauthenticated attackers. The vulnerability is associated with the Spice remote virtual "desktop" rendering system and can be exploited by remote attackers.

Recommendations For Spice versions 0.5.2 through 0.14.1, consider disabling the memslot get virt function as a temporary workaround until a patch is available. Restrict access to the Spice library to minimize the risk of exploitation. Avoid using the vulnerable memslot get virt function in the affected Spice versions until the issue is resolved.

Fix

DoS

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-193

Related Identifiers

ALT-PU-2019-1972

ALT-PU-2019-1989

BDU:2019-00950

BDU:2019-01178

CESA-2019_0231

CESA-2019_0232

CVE-2019-3813

DLA-1649-1

DSA-4375-1

MGASA-2019-0100

OPENSUSE-SU-2019:0167-1

OPENSUSE-SU-2019_0167-1

OPENSUSE-SU-2019_0176-1

OPENSUSE-SU-2024:11397-1

RHSA-2019:0231

RHSA-2019:0232

RHSA-2019:0457

RHSA-2019_0231

RHSA-2019_0232

SUSE-SU-2019:0229-1

SUSE-SU-2019:0230-1

SUSE-SU-2019:0231-1

SUSE-SU-2019:0231-2

SUSE-SU-2019:0241-1

SUSE-SU-2019:0242-1

SUSE-SU-2019:13943-1

SUSE-SU-2019_0229-1

SUSE-SU-2019_0230-1

SUSE-SU-2019_0231-1

SUSE-SU-2019_0231-2

SUSE-SU-2019_0241-1

SUSE-SU-2019_0242-1

SUSE-SU-2019_13943-1

USN-3870-1

Affected Products

Alt Linux

Centos

Red Hat

Spice

Suse

Ubuntu

PT-2019-1508 · Red Hat+4 · Spice+5

CVE-2019-3813

Weakness Enumeration

Related Identifiers

Affected Products

References · 96