CVE-2020-14355

Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE client (spice-gtk) and server are affected by these flaws. These flaws allow a malicious client or server to send specially crafted messages that, when processed by the QUIC image compression algorithm, result in a process crash or potential code execution.
Classic Buffer Overflow
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.6 MEDIUM
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 82%
Affected Products (NVD)
VendorProductVersion
spice_projectspice
𝑥
< 0.14.2
redhatopenstack
16.1
canonicalubuntu_linux
14.04
canonicalubuntu_linux
16.04
canonicalubuntu_linux
18.04
canonicalubuntu_linux
20.04
debiandebian_linux
9.0
opensuseleap
15.2
redhatenterprise_linux
6.0
redhatenterprise_linux
7.0
redhatenterprise_linux
8.0
redhatenterprise_linux_aus
8.2
redhatenterprise_linux_eus
8.1
redhatenterprise_linux_tus
8.2
redhatenterprise_linux_update_services_for_sap_solutions
8.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
spice
bookworm
0.15.1-1
fixed
bullseye
0.14.3-2.1
fixed
buster
no-dsa
sid
0.15.2-1
fixed
trixie
0.15.2-1
fixed
spice-gtk
bookworm
0.42-1
fixed
bullseye
0.39-1
fixed
buster
no-dsa
sid
0.42-2.1
fixed
trixie
0.42-2.1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
spice
bionic
Fixed 0.14.0-1ubuntu2.5
released
focal
Fixed 0.14.2-4ubuntu3.1
released
groovy
Fixed 0.14.3-1ubuntu2
released
hirsute
Fixed 0.14.3-1ubuntu2
released
impish
Fixed 0.14.3-1ubuntu2
released
jammy
Fixed 0.14.3-1ubuntu2
released
kinetic
Fixed 0.14.3-1ubuntu2
released
lunar
Fixed 0.14.3-1ubuntu2
released
mantic
Fixed 0.14.3-1ubuntu2
released
noble
Fixed 0.14.3-1ubuntu2
released
trusty
Fixed 0.12.4-0nocelt2ubuntu1.8+esm1
released
xenial
Fixed 0.12.6-4ubuntu0.5
released
spice-gtk
bionic
needed
focal
needed
groovy
ignored
hirsute
ignored
impish
ignored
jammy
needed
kinetic
ignored
lunar
ignored
mantic
ignored
noble
needed
trusty
dne
xenial
needed
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
libspice-client-glib-2_0-8
suse enterprise desktop 15 SP2
0.37-3.3.2
fixed
suse enterprise desktop 15 SP3
0.38-1.59
fixed
suse enterprise desktop 15 SP4
0.39-150400.2.13
fixed
suse enterprise desktop 15 SP5
0.41-150500.1.4
fixed
suse enterprise desktop 15 SP6
0.42-150600.1.4
fixed
suse enterprise desktop 15 SP7
0.42-150600.1.4
fixed
suse enterprise sap 12 SP3
0.33-3.9.1
fixed
suse enterprise sap 12 SP4
0.33-3.9.1
fixed
suse enterprise sap 12 SP5
0.33-3.9.1
fixed
suse enterprise sap 15 SP2
0.37-3.3.2
fixed
suse enterprise sap 15 SP3
0.38-1.59
fixed
suse enterprise sap 15 SP4
0.39-150400.2.13
fixed
suse enterprise sap 15 SP5
0.41-150500.1.4
fixed
suse enterprise sap 15 SP6
0.42-150600.1.4
fixed
suse enterprise sap 15 SP7
0.42-150600.1.4
fixed
suse enterprise server 12 SP3
0.33-3.9.1
fixed
suse enterprise server 12 SP4
0.33-3.9.1
fixed
suse enterprise server 12 SP5
0.33-3.9.1
fixed
suse enterprise server 15
0.34-3.6.1
fixed
suse enterprise server 15 SP1
0.35-3.3.1
fixed
suse enterprise server 15 SP2
0.37-3.3.2
fixed
suse enterprise server 15 SP3
0.38-1.59
fixed
suse enterprise server 15 SP4
0.39-150400.2.13
fixed
suse enterprise server 15 SP5
0.41-150500.1.4
fixed
suse enterprise server 15 SP6
0.42-150600.1.4
fixed
suse enterprise server 15 SP7
0.42-150600.1.4
fixed
libspice-client-glib-helper
suse enterprise desktop 15 SP2
0.37-3.3.2
fixed
suse enterprise desktop 15 SP3
0.38-1.59
fixed
suse enterprise desktop 15 SP4
0.39-150400.2.13
fixed
suse enterprise desktop 15 SP5
0.41-150500.1.4
fixed
suse enterprise desktop 15 SP6
0.42-150600.1.4
fixed
suse enterprise desktop 15 SP7
0.42-150600.1.4
fixed
suse enterprise sap 12 SP3
0.33-3.9.1
fixed
suse enterprise sap 12 SP4
0.33-3.9.1
fixed
suse enterprise sap 12 SP5
0.33-3.9.1
fixed
suse enterprise sap 15 SP2
0.37-3.3.2
fixed
suse enterprise sap 15 SP3
0.38-1.59
fixed
suse enterprise sap 15 SP4
0.39-150400.2.13
fixed
suse enterprise sap 15 SP5
0.41-150500.1.4
fixed
suse enterprise sap 15 SP6
0.42-150600.1.4
fixed
suse enterprise sap 15 SP7
0.42-150600.1.4
fixed
suse enterprise server 12 SP3
0.33-3.9.1
fixed
suse enterprise server 12 SP4
0.33-3.9.1
fixed
suse enterprise server 12 SP5
0.33-3.9.1
fixed
suse enterprise server 15
0.34-3.6.1
fixed
suse enterprise server 15 SP1
0.35-3.3.1
fixed
suse enterprise server 15 SP2
0.37-3.3.2
fixed
suse enterprise server 15 SP3
0.38-1.59
fixed
suse enterprise server 15 SP4
0.39-150400.2.13
fixed
suse enterprise server 15 SP5
0.41-150500.1.4
fixed
suse enterprise server 15 SP6
0.42-150600.1.4
fixed
suse enterprise server 15 SP7
0.42-150600.1.4
fixed
libspice-client-gtk-3_0-5
suse enterprise desktop 15 SP2
0.37-3.3.2
fixed
suse enterprise desktop 15 SP3
0.38-1.59
fixed
suse enterprise desktop 15 SP4
0.39-150400.2.13
fixed
suse enterprise desktop 15 SP5
0.41-150500.1.4
fixed
suse enterprise desktop 15 SP6
0.42-150600.1.4
fixed
suse enterprise desktop 15 SP7
0.42-150600.1.4
fixed
suse enterprise sap 12 SP3
0.33-3.9.1
fixed
suse enterprise sap 12 SP4
0.33-3.9.1
fixed
suse enterprise sap 12 SP5
0.33-3.9.1
fixed
suse enterprise sap 15 SP2
0.37-3.3.2
fixed
suse enterprise sap 15 SP3
0.38-1.59
fixed
suse enterprise sap 15 SP4
0.39-150400.2.13
fixed
suse enterprise sap 15 SP5
0.41-150500.1.4
fixed
suse enterprise sap 15 SP6
0.42-150600.1.4
fixed
suse enterprise sap 15 SP7
0.42-150600.1.4
fixed
suse enterprise server 12 SP3
0.33-3.9.1
fixed
suse enterprise server 12 SP4
0.33-3.9.1
fixed
suse enterprise server 12 SP5
0.33-3.9.1
fixed
suse enterprise server 15
0.34-3.6.1
fixed
suse enterprise server 15 SP1
0.35-3.3.1
fixed
suse enterprise server 15 SP2
0.37-3.3.2
fixed
suse enterprise server 15 SP3
0.38-1.59
fixed
suse enterprise server 15 SP4
0.39-150400.2.13
fixed
suse enterprise server 15 SP5
0.41-150500.1.4
fixed
suse enterprise server 15 SP6
0.42-150600.1.4
fixed
suse enterprise server 15 SP7
0.42-150600.1.4
fixed
libspice-controller0
suse enterprise sap 12 SP3
0.33-3.9.1
fixed
suse enterprise sap 12 SP4
0.33-3.9.1
fixed
suse enterprise sap 12 SP5
0.33-3.9.1
fixed
suse enterprise server 12 SP3
0.33-3.9.1
fixed
suse enterprise server 12 SP4
0.33-3.9.1
fixed
suse enterprise server 12 SP5
0.33-3.9.1
fixed
suse enterprise server 15
0.34-3.6.1
fixed
libspice-server-devel
suse enterprise sap 15 SP2
0.14.2-3.3.1
fixed
suse enterprise sap 15 SP3
0.14.3-1.48
fixed
suse enterprise sap 15 SP4
0.15.0-150400.2.8
fixed
suse enterprise sap 15 SP7
0.15.0-150600.9.1
fixed
suse enterprise server 15
0.14.0-4.9.1
fixed
suse enterprise server 15 SP1
0.14.1-4.3.1
fixed
suse enterprise server 15 SP2
0.14.2-3.3.1
fixed
suse enterprise server 15 SP3
0.14.3-1.48
fixed
suse enterprise server 15 SP4
0.15.0-150400.2.8
fixed
suse enterprise server 15 SP7
0.15.0-150600.9.1
fixed
libspice-server1
suse enterprise sap 12 SP3
0.12.8-15.1
fixed
suse enterprise sap 12 SP4
0.12.8-15.1
fixed
suse enterprise sap 12 SP5
0.12.8-15.1
fixed
suse enterprise sap 15 SP2
0.14.2-3.3.1
fixed
suse enterprise sap 15 SP3
0.14.3-1.48
fixed
suse enterprise sap 15 SP4
0.15.0-150400.2.8
fixed
suse enterprise sap 15 SP7
0.15.0-150600.9.1
fixed
suse enterprise server 12 SP3
0.12.8-15.1
fixed
suse enterprise server 12 SP4
0.12.8-15.1
fixed
suse enterprise server 12 SP5
0.12.8-15.1
fixed
suse enterprise server 15
0.14.0-4.9.1
fixed
suse enterprise server 15 SP1
0.14.1-4.3.1
fixed
suse enterprise server 15 SP2
0.14.2-3.3.1
fixed
suse enterprise server 15 SP3
0.14.3-1.48
fixed
suse enterprise server 15 SP4
0.15.0-150400.2.8
fixed
suse enterprise server 15 SP7
0.15.0-150600.9.1
fixed
spice-gtk-devel
suse enterprise sap 15 SP2
0.37-3.3.2
fixed
suse enterprise sap 15 SP3
0.38-1.59
fixed
suse enterprise sap 15 SP4
0.39-150400.2.13
fixed
suse enterprise sap 15 SP7
0.42-150600.1.4
fixed
suse enterprise server 15
0.34-3.6.1
fixed
suse enterprise server 15 SP1
0.35-3.3.1
fixed
suse enterprise server 15 SP2
0.37-3.3.2
fixed
suse enterprise server 15 SP3
0.38-1.59
fixed
suse enterprise server 15 SP4
0.39-150400.2.13
fixed
suse enterprise server 15 SP7
0.42-150600.1.4
fixed
typelib-1_0-SpiceClientGlib-2_0
suse enterprise sap 12 SP3
0.33-3.9.1
fixed
suse enterprise sap 12 SP4
0.33-3.9.1
fixed
suse enterprise sap 12 SP5
0.33-3.9.1
fixed
suse enterprise sap 15 SP2
0.37-3.3.2
fixed
suse enterprise sap 15 SP3
0.38-1.59
fixed
suse enterprise sap 15 SP4
0.39-150400.2.13
fixed
suse enterprise sap 15 SP7
0.42-150600.1.4
fixed
suse enterprise server 12 SP3
0.33-3.9.1
fixed
suse enterprise server 12 SP4
0.33-3.9.1
fixed
suse enterprise server 12 SP5
0.33-3.9.1
fixed
suse enterprise server 15
0.34-3.6.1
fixed
suse enterprise server 15 SP1
0.35-3.3.1
fixed
suse enterprise server 15 SP2
0.37-3.3.2
fixed
suse enterprise server 15 SP3
0.38-1.59
fixed
suse enterprise server 15 SP4
0.39-150400.2.13
fixed
suse enterprise server 15 SP7
0.42-150600.1.4
fixed
typelib-1_0-SpiceClientGtk-3_0
suse enterprise sap 12 SP3
0.33-3.9.1
fixed
suse enterprise sap 12 SP4
0.33-3.9.1
fixed
suse enterprise sap 12 SP5
0.33-3.9.1
fixed
suse enterprise sap 15 SP2
0.37-3.3.2
fixed
suse enterprise sap 15 SP3
0.38-1.59
fixed
suse enterprise sap 15 SP4
0.39-150400.2.13
fixed
suse enterprise sap 15 SP7
0.42-150600.1.4
fixed
suse enterprise server 12 SP3
0.33-3.9.1
fixed
suse enterprise server 12 SP4
0.33-3.9.1
fixed
suse enterprise server 12 SP5
0.33-3.9.1
fixed
suse enterprise server 15
0.34-3.6.1
fixed
suse enterprise server 15 SP1
0.35-3.3.1
fixed
suse enterprise server 15 SP2
0.37-3.3.2
fixed
suse enterprise server 15 SP3
0.38-1.59
fixed
suse enterprise server 15 SP4
0.39-150400.2.13
fixed
suse enterprise server 15 SP7
0.42-150600.1.4
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
spice-glib
RHEL 7
0:0.35-5.el7_9.1
fixed
RHEL 8
0:0.37-1.el8_2.2
fixed
RHEL 8.0 E4S
0:0.35-7.el8_0.1
fixed
RHEL 8.1 E4S
0:0.37-1.el8_1.2
fixed
RHEL 8.1 EUS
0:0.37-1.el8_1.2
fixed
RHEL 8.2 AUS
0:0.37-1.el8_2.2
fixed
RHEL 8.2 E4S
0:0.37-1.el8_2.2
fixed
RHEL 8.2 EUS
0:0.37-1.el8_2.2
fixed
RHEL 8.2 TUS
0:0.37-1.el8_2.2
fixed
spice-glib-devel
RHEL 7
0:0.35-5.el7_9.1
fixed
RHEL 8
0:0.37-1.el8_2.2
fixed
RHEL 8.0 E4S
0:0.35-7.el8_0.1
fixed
RHEL 8.1 E4S
0:0.37-1.el8_1.2
fixed
RHEL 8.1 EUS
0:0.37-1.el8_1.2
fixed
RHEL 8.2 AUS
0:0.37-1.el8_2.2
fixed
RHEL 8.2 E4S
0:0.37-1.el8_2.2
fixed
RHEL 8.2 EUS
0:0.37-1.el8_2.2
fixed
RHEL 8.2 TUS
0:0.37-1.el8_2.2
fixed
spice-gtk
RHEL 8
0:0.37-1.el8_2.2
fixed
RHEL 8.0 E4S
0:0.35-7.el8_0.1
fixed
RHEL 8.1 E4S
0:0.37-1.el8_1.2
fixed
RHEL 8.1 EUS
0:0.37-1.el8_1.2
fixed
RHEL 8.2 AUS
0:0.37-1.el8_2.2
fixed
RHEL 8.2 E4S
0:0.37-1.el8_2.2
fixed
RHEL 8.2 EUS
0:0.37-1.el8_2.2
fixed
RHEL 8.2 TUS
0:0.37-1.el8_2.2
fixed
spice-gtk-tools
RHEL 7
0:0.35-5.el7_9.1
fixed
RHEL 8
0:0.37-1.el8_2.2
fixed
RHEL 8.0 E4S
0:0.35-7.el8_0.1
fixed
RHEL 8.1 E4S
0:0.37-1.el8_1.2
fixed
RHEL 8.1 EUS
0:0.37-1.el8_1.2
fixed
RHEL 8.2 AUS
0:0.37-1.el8_2.2
fixed
RHEL 8.2 E4S
0:0.37-1.el8_2.2
fixed
RHEL 8.2 EUS
0:0.37-1.el8_2.2
fixed
RHEL 8.2 TUS
0:0.37-1.el8_2.2
fixed
spice-gtk3
RHEL 7
0:0.35-5.el7_9.1
fixed
RHEL 8
0:0.37-1.el8_2.2
fixed
RHEL 8.0 E4S
0:0.35-7.el8_0.1
fixed
RHEL 8.1 E4S
0:0.37-1.el8_1.2
fixed
RHEL 8.1 EUS
0:0.37-1.el8_1.2
fixed
RHEL 8.2 AUS
0:0.37-1.el8_2.2
fixed
RHEL 8.2 E4S
0:0.37-1.el8_2.2
fixed
RHEL 8.2 EUS
0:0.37-1.el8_2.2
fixed
RHEL 8.2 TUS
0:0.37-1.el8_2.2
fixed
spice-gtk3-devel
RHEL 7
0:0.35-5.el7_9.1
fixed
RHEL 8
0:0.37-1.el8_2.2
fixed
RHEL 8.0 E4S
0:0.35-7.el8_0.1
fixed
RHEL 8.1 E4S
0:0.37-1.el8_1.2
fixed
RHEL 8.1 EUS
0:0.37-1.el8_1.2
fixed
RHEL 8.2 AUS
0:0.37-1.el8_2.2
fixed
RHEL 8.2 E4S
0:0.37-1.el8_2.2
fixed
RHEL 8.2 EUS
0:0.37-1.el8_2.2
fixed
RHEL 8.2 TUS
0:0.37-1.el8_2.2
fixed
spice-gtk3-vala
RHEL 7
0:0.35-5.el7_9.1
fixed
RHEL 8
0:0.37-1.el8_2.2
fixed
RHEL 8.0 E4S
0:0.35-7.el8_0.1
fixed
RHEL 8.1 E4S
0:0.37-1.el8_1.2
fixed
RHEL 8.1 EUS
0:0.37-1.el8_1.2
fixed
RHEL 8.2 AUS
0:0.37-1.el8_2.2
fixed
RHEL 8.2 E4S
0:0.37-1.el8_2.2
fixed
RHEL 8.2 EUS
0:0.37-1.el8_2.2
fixed
RHEL 8.2 TUS
0:0.37-1.el8_2.2
fixed
spice-server
RHEL 7
0:0.14.0-9.el7_9.1
fixed
RHEL 8
0:0.14.2-1.el8_2.1
fixed
RHEL 8.0 E4S
0:0.14.0-7.el8_0.1
fixed
RHEL 8.1 E4S
0:0.14.2-1.el8_1.1
fixed
RHEL 8.1 EUS
0:0.14.2-1.el8_1.1
fixed
RHEL 8.2 AUS
0:0.14.2-1.el8_2.1
fixed
RHEL 8.2 E4S
0:0.14.2-1.el8_2.1
fixed
RHEL 8.2 EUS
0:0.14.2-1.el8_2.1
fixed
RHEL 8.2 TUS
0:0.14.2-1.el8_2.1
fixed
spice-server-devel
RHEL 7
0:0.14.0-9.el7_9.1
fixed
RHEL 8
0:0.14.2-1.el8_2.1
fixed
RHEL 8.1 E4S
0:0.14.2-1.el8_1.1
fixed
RHEL 8.1 EUS
0:0.14.2-1.el8_1.1
fixed
RHEL 8.2 AUS
0:0.14.2-1.el8_2.1
fixed
RHEL 8.2 E4S
0:0.14.2-1.el8_2.1
fixed
RHEL 8.2 EUS
0:0.14.2-1.el8_2.1
fixed
RHEL 8.2 TUS
0:0.14.2-1.el8_2.1
fixed
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00001.html
https://bugzilla.redhat.com/show_bug.cgi?id=1868435
https://lists.debian.org/debian-lts-announce/2020/11/msg00001.html
https://lists.debian.org/debian-lts-announce/2020/11/msg00002.html
https://usn.ubuntu.com/4572-1/
https://usn.ubuntu.com/4572-2/
https://www.debian.org/security/2020/dsa-4771
https://www.openwall.com/lists/oss-security/2020/10/06/10
http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00001.html
https://bugzilla.redhat.com/show_bug.cgi?id=1868435
https://lists.debian.org/debian-lts-announce/2020/11/msg00001.html
https://lists.debian.org/debian-lts-announce/2020/11/msg00002.html
https://usn.ubuntu.com/4572-1/
https://usn.ubuntu.com/4572-2/
https://www.debian.org/security/2020/dsa-4771
https://www.openwall.com/lists/oss-security/2020/10/06/10