Lucene search
AmazonALAS2-2023-1939HistoryFeb 17, 2023 - 12:10 a.m.
Medium: libgovirt
2023-02-1700:10:00
alas.aws.amazon.com
12
libgovirt
integer overflow
buffer overflow
cve-2018-10893
update
0.002 Low
EPSS
Percentile
52.2%
Issue Overview:
Multiple integer overflow and buffer overflow issues were discovered in spice-client’s handling of LZ compressed frames. A malicious server could cause the client to crash or, potentially, execute arbitrary code. (CVE-2018-10893)
Affected Packages:
libgovirt
Issue Correction:
Run yum update libgovirt to update your system.
New Packages:
aarch64:
libgovirt-0.3.4-3.amzn2.aarch64
libgovirt-devel-0.3.4-3.amzn2.aarch64
libgovirt-debuginfo-0.3.4-3.amzn2.aarch64
i686:
libgovirt-0.3.4-3.amzn2.i686
libgovirt-devel-0.3.4-3.amzn2.i686
libgovirt-debuginfo-0.3.4-3.amzn2.i686
src:
libgovirt-0.3.4-3.amzn2.src
x86_64:
libgovirt-0.3.4-3.amzn2.x86_64
libgovirt-devel-0.3.4-3.amzn2.x86_64
libgovirt-debuginfo-0.3.4-3.amzn2.x86_64
Additional References
Red Hat: CVE-2018-10893
Mitre: CVE-2018-10893
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Amazon Linux | 2 | aarch64 | libgovirt | < 0.3.4-3.amzn2 | libgovirt-0.3.4-3.amzn2.aarch64.rpm |
| Amazon Linux | 2 | aarch64 | libgovirt-devel | < 0.3.4-3.amzn2 | libgovirt-devel-0.3.4-3.amzn2.aarch64.rpm |
| Amazon Linux | 2 | aarch64 | libgovirt-debuginfo | < 0.3.4-3.amzn2 | libgovirt-debuginfo-0.3.4-3.amzn2.aarch64.rpm |
| Amazon Linux | 2 | i686 | libgovirt | < 0.3.4-3.amzn2 | libgovirt-0.3.4-3.amzn2.i686.rpm |
| Amazon Linux | 2 | i686 | libgovirt-devel | < 0.3.4-3.amzn2 | libgovirt-devel-0.3.4-3.amzn2.i686.rpm |
| Amazon Linux | 2 | i686 | libgovirt-debuginfo | < 0.3.4-3.amzn2 | libgovirt-debuginfo-0.3.4-3.amzn2.i686.rpm |
| Amazon Linux | 2 | src | libgovirt | < 0.3.4-3.amzn2 | libgovirt-0.3.4-3.amzn2.src.rpm |
| Amazon Linux | 2 | x86_64 | libgovirt | < 0.3.4-3.amzn2 | libgovirt-0.3.4-3.amzn2.x86_64.rpm |
| Amazon Linux | 2 | x86_64 | libgovirt-devel | < 0.3.4-3.amzn2 | libgovirt-devel-0.3.4-3.amzn2.x86_64.rpm |
| Amazon Linux | 2 | x86_64 | libgovirt-debuginfo | < 0.3.4-3.amzn2 | libgovirt-debuginfo-0.3.4-3.amzn2.x86_64.rpm |
Related
nessus
nessus
RHEL 6 : spice-gtk (RHSA-2020:0471)
2020-02-12 00:00:00
Amazon Linux 2 : libgovirt (ALAS-2023-1939)
2023-02-23 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for spice-gtk (EulerOS-SA-2019-2189)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for spice-gtk (EulerOS-SA-2020-1727)
2020-07-03 00:00:00
Huawei EulerOS: Security Advisory for spice-gtk (EulerOS-SA-2019-2266)
2020-01-23 00:00:00
centos
centos
spice security update
2020-02-11 18:21:31
libgovirt, spice, virt security update
2019-08-30 03:14:56
oraclelinux
oraclelinux
spice-gtk security update
2020-02-11 00:00:00
spice-gtk security and bug fix update
2019-08-13 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-08-08 00:07:27
nvd
nvd
CVE-2018-10893
2018-09-11 15:29:00
debiancve
debiancve
CVE-2018-10893
2018-09-11 15:29:00
ubuntucve
ubuntucve
CVE-2018-10893
2018-09-11 00:00:00
redhat
redhat
(RHSA-2019:2229) Moderate: spice-gtk security and bug fix update
2019-08-06 08:15:20
(RHSA-2020:0471) Moderate: spice-gtk security update
2020-02-11 08:14:06
redhatcve
redhatcve
CVE-2018-10893
2019-12-25 03:28:22
amazon
amazon
Medium: spice-gtk
2019-11-11 17:43:00
Medium: spice-protocol
2023-02-17 00:10:00
Medium: spice-protocol
2023-08-21 10:00:00
prion
prion
Integer overflow
2018-09-11 15:29:00
cvelist
cvelist
CVE-2018-10893
2018-09-11 15:00:00
cve
cve
CVE-2018-10893
2018-09-11 15:29:00
suse
suse
Security update for spice-gtk (important)
2018-09-04 15:07:46
Security update for spice-gtk (important)
2018-09-15 15:11:34
Security update for spice (important)
2018-09-04 12:07:52
mageia
mageia
Updated spice packages fix security vulnerability
2019-02-22 03:35:50
Updated spice-gtk packages fix security vulnerability
2019-02-22 04:08:50