CVE-2020-14355

Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE client (spice-gtk) and server are affected by these flaws. These flaws allow a malicious client or server to send specially crafted messages that, when processed by the QUIC image compression algorithm, result in a process crash or potential code execution.
Classic Buffer Overflow
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.6 MEDIUM
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 81%
VendorProductVersion
spice_projectspice
𝑥
< 0.14.2
redhatopenstack
16.1
canonicalubuntu_linux
14.04
canonicalubuntu_linux
16.04
canonicalubuntu_linux
18.04
canonicalubuntu_linux
20.04
debiandebian_linux
9.0
opensuseleap
15.2
redhatenterprise_linux
6.0
redhatenterprise_linux
7.0
redhatenterprise_linux
8.0
redhatenterprise_linux_aus
8.2
redhatenterprise_linux_eus
8.1
redhatenterprise_linux_tus
8.2
redhatenterprise_linux_update_services_for_sap_solutions
8.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
spice
bullseye
0.14.3-2.1
fixed
buster
no-dsa
bookworm
0.15.1-1
fixed
sid
0.15.2-1
fixed
trixie
0.15.2-1
fixed
spice-gtk
bullseye
0.39-1
fixed
buster
no-dsa
bookworm
0.42-1
fixed
sid
0.42-2.1
fixed
trixie
0.42-2.1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
spice
noble
Fixed 0.14.3-1ubuntu2
released
mantic
Fixed 0.14.3-1ubuntu2
released
lunar
Fixed 0.14.3-1ubuntu2
released
kinetic
Fixed 0.14.3-1ubuntu2
released
jammy
Fixed 0.14.3-1ubuntu2
released
impish
Fixed 0.14.3-1ubuntu2
released
hirsute
Fixed 0.14.3-1ubuntu2
released
groovy
Fixed 0.14.3-1ubuntu2
released
focal
Fixed 0.14.2-4ubuntu3.1
released
bionic
Fixed 0.14.0-1ubuntu2.5
released
xenial
Fixed 0.12.6-4ubuntu0.5
released
trusty
Fixed 0.12.4-0nocelt2ubuntu1.8+esm1
released
spice-gtk
noble
needed
mantic
ignored
lunar
ignored
kinetic
ignored
jammy
needed
impish
ignored
hirsute
ignored
groovy
ignored
focal
needed
bionic
needed
xenial
needed
trusty
dne
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00001.html
https://bugzilla.redhat.com/show_bug.cgi?id=1868435
https://lists.debian.org/debian-lts-announce/2020/11/msg00001.html
https://lists.debian.org/debian-lts-announce/2020/11/msg00002.html
https://usn.ubuntu.com/4572-1/
https://usn.ubuntu.com/4572-2/
https://www.debian.org/security/2020/dsa-4771
https://www.openwall.com/lists/oss-security/2020/10/06/10
http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00001.html
https://bugzilla.redhat.com/show_bug.cgi?id=1868435
https://lists.debian.org/debian-lts-announce/2020/11/msg00001.html
https://lists.debian.org/debian-lts-announce/2020/11/msg00002.html
https://usn.ubuntu.com/4572-1/
https://usn.ubuntu.com/4572-2/
https://www.debian.org/security/2020/dsa-4771
https://www.openwall.com/lists/oss-security/2020/10/06/10