Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
archlinuxArchLinuxASA-202107-12
HistoryJul 06, 2021 - 12:00 a.m.

[ASA-202107-12] spice: multiple issues

2021-07-0600:00:00
security.archlinux.org
178

6.6 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

77.1%

JSON

Arch Linux Security Advisory ASA-202107-12

Severity: Critical
Date : 2021-07-06
CVE-ID : CVE-2020-14355 CVE-2021-20201
Package : spice
Type : multiple issues
Remote : Yes
Link : https://security.archlinux.org/AVG-1239

Summary

The package spice before version 0.15.0-1 is vulnerable to multiple
issues including arbitrary code execution and denial of service.

Resolution

Upgrade to 0.15.0-1.

pacman -Syu “spice>=0.15.0-1”

The problems have been fixed upstream in version 0.15.0.

Workaround

None.

Description

  • CVE-2020-14355 (arbitrary code execution)

Multiple buffer overflow vulnerabilities were found in the QUIC image
decoding process of the SPICE remote display system. More specifically,
these flaws reside in the spice-common shared code between the client
and server of SPICE. In other words, both the client (spice-gtk) and
server are affected by these flaws. A malicious client or server could
send specially crafted messages which could result in a process crash
or potential code execution scenario. The issues have been fixed in
spice (server) version 0.14.90 and spice-gtk (client) version 0.39.

  • CVE-2021-20201 (denial of service)

An issue was discovered in SPICE server before version 0.15.0. There is
a vulnerability which might make it easier for remote attackers to
cause a denial of service (CPU consumption) by performing many
renegotiations within a single connection.

Impact

A remote attacker could execute arbitrary code on the SPICE server
using crafted messages, or cause high CPU consumption by performing
many renegotiations.

References

https://bugs.archlinux.org/task/68166
https://www.openwall.com/lists/oss-security/2020/10/06/10
https://gitlab.freedesktop.org/spice/spice-common/-/commit/762e0abae36033ccde658fd52d3235887b60862d
https://gitlab.freedesktop.org/spice/spice-common/-/commit/404d74782c8b5e57d146c5bf3118bb41bf3378e4
https://gitlab.freedesktop.org/spice/spice-common/-/commit/ef1b6ff7b82e15d759e5415b8e35b92bb1a4c206
https://gitlab.freedesktop.org/spice/spice-common/-/commit/b24fe6b66b86e601c725d30f00c37e684b6395b6
https://gitlab.freedesktop.org/spice/spice/-/commit/4f71d0cdb79d2f61da49d439a5b72e3ce0070313
https://gitlab.freedesktop.org/spice/spice-gtk/-/commit/df0d3f9d95fe8235b95fa291feb746ba5e3bd6aa
https://bugzilla.redhat.com/show_bug.cgi?id=1921846
https://gitlab.freedesktop.org/spice/spice/-/issues/49
https://gitlab.freedesktop.org/spice/spice/-/merge_requests/150
https://gitlab.freedesktop.org/spice/spice/-/commit/95a0cfac8a1c8eff50f05e65df945da3bb501fc9
https://gitlab.freedesktop.org/spice/spice/-/commit/ca5bbc5692e052159bce1a75f55dc60b36078749
https://security.archlinux.org/CVE-2020-14355
https://security.archlinux.org/CVE-2021-20201

OSVersionArchitecturePackageVersionFilename
ArchLinuxanyanyspice< 0.15.0-1UNKNOWN

References

Related

openvas 40
nessus 56
redhat 7
rocky 1
almalinux 1
cve 2
veracode 2
osv 9
oraclelinux 3
suse 5
prion 2
alpinelinux 2
redhatcve 2
ubuntucve 2
mageia 2
debiancve 2
rosalinux 1
debian 4
ubuntu 2
altlinux 1
centos 1
amazon 2
gentoo 1
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2021:1901-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:1902-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:1956-1)
2021-06-13 00:00:00
nessus
nessus
SUSE SLES12 Security Update : spice (SUSE-SU-2021:1902-1)
2021-06-09 00:00:00
SUSE SLES15 Security Update : spice (SUSE-SU-2021:1956-1)
2021-06-12 00:00:00
SUSE SLES15 Security Update : spice (SUSE-SU-2021:1901-1)
2021-06-09 00:00:00
redhat
redhat
(RHSA-2021:1924) Low: spice security update
2021-05-18 06:24:46
(RHSA-2020:4186) Important: spice and spice-gtk security update
2020-10-06 12:57:00
(RHSA-2020:4185) Important: spice and spice-gtk security update
2020-10-06 12:56:31
rocky
rocky
spice security update
2021-05-18 06:24:46
almalinux
almalinux
Low: spice security update
2021-05-18 06:24:46
cve
cve
CVE-2021-20201
2021-05-28 11:15:00
CVE-2020-14355
2020-10-07 15:15:00
veracode
veracode
Denial Of Service (DoS)
2021-06-05 18:37:13
Arbitrary Code Execution
2020-10-08 02:57:58
osv
osv
Low: spice security update
2021-05-18 06:24:46
Low: spice security update
2021-05-18 06:24:46
CVE-2021-20201
2021-05-28 11:15:07
oraclelinux
oraclelinux
spice security update
2021-05-25 00:00:00
spice and spice-gtk security update
2020-10-08 00:00:00
spice and spice-gtk security update
2020-10-07 00:00:00
suse
suse
Security update for spice (important)
2021-06-16 00:00:00
Security update for spice (important)
2022-09-01 00:00:00
Security update for spice (important)
2022-08-24 00:00:00
prion
prion
Design/Logic Flaw
2021-05-28 11:15:00
Buffer overflow
2020-10-07 15:15:00
alpinelinux
alpinelinux
CVE-2021-20201
2021-05-28 11:15:00
CVE-2020-14355
2020-10-07 15:15:00
redhatcve
redhatcve
CVE-2021-20201
2021-01-28 17:56:39
CVE-2020-14355
2020-10-06 12:51:37
ubuntucve
ubuntucve
CVE-2021-20201
2021-05-28 00:00:00
CVE-2020-14355
2020-10-06 00:00:00
mageia
mageia
Updated spice packages fix security vulnerability
2021-08-15 11:38:04
Updated spice and spice-gtk packages fix a security vulnerability
2020-11-10 18:20:00
debiancve
debiancve
CVE-2021-20201
2021-05-28 11:15:00
CVE-2020-14355
2020-10-07 15:15:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2394
2024-04-11 07:21:06
debian
debian
[SECURITY] [DSA 4771-1] spice security update
2020-10-11 13:39:47
[SECURITY] [DLA 2428-1] spice-gtk security update
2020-11-01 17:09:07
[SECURITY] [DLA 2427-1] spice security update
2020-11-01 17:06:46
ubuntu
ubuntu
Spice vulnerability
2020-10-07 00:00:00
Spice vulnerability
2020-10-06 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package SPICE version 0.15.0-alt1
2021-05-31 00:00:00
centos
centos
spice security update
2020-11-06 22:13:08
amazon
amazon
Important: spice-gtk
2020-10-22 18:40:00
Important: spice
2020-10-22 18:40:00
gentoo
gentoo
Spice Server: Multiple Vulnerabilities
2022-08-10 00:00:00

6.6 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

77.1%

JSON
Related for ASA-202107-12
openvas40nessus56redhat7rocky1almalinux1cve2veracode2osv9oraclelinux3suse5prion2alpinelinux2redhatcve2ubuntucve2mageia2debiancve2rosalinux1debian4ubuntu2altlinux1centos1amazon2gentoo1