Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
First Last Prev Next    This bug is not in your last search results.
Bug 1501200 - (CVE-2017-12194) CVE-2017-12194 spice-gtk: Integer overflows causing buffer overflows in spice-client
CVE-2017-12194 spice-gtk: Integer overflows causing buffer overflows in spic...
Status: CLOSED WONTFIX
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
medium Severity medium
: ---
: ---
Assigned To: Red Hat Product Security
impact=moderate,public=20180314,repor...
: Security
Depends On: 1555302 1501201 1555301
Blocks: 1498495 1498774
  Show dependency treegraph
 
Reported: 2017-10-12 04:42 EDT by Huzaifa S. Sidhpurwala
Modified: 2018-07-18 05:27 EDT (History)
14 users (show)

See Also:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in the way spice-client processed certain messages sent from the server. An attacker, having control of malicious spice-server, could use this flaw to crash the client or execute arbitrary code with permissions of the user running the client.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2018-03-14 08:50:48 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Huzaifa S. Sidhpurwala 2017-10-12 04:42:04 EDT 
When a spice-client connects to a malicious spice-server, it was possible to crash the client or execute arbitrary code with the permissions of user running the client, when certain messages were sent from the server to the spice-client.
Comment 3 Huzaifa S. Sidhpurwala 2018-03-14 08:48:27 EDT 
More details about this flaw is available in:

https://bugzilla.redhat.com/show_bug.cgi?id=1240165
Comment 4 Huzaifa S. Sidhpurwala 2018-03-14 08:49:12 EDT 
Created spice-gtk tracking bugs for this issue:

Affects: fedora-all [bug 1555301]
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.