Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system. More specifically, these flaws reside in the spice-common shared code between the client and server of SPICE. In other words, both the client (spice-gtk) and server are affected by these flaws. A malicious client or server could send specially crafted messages which would result in a process crash or potential code execution. Upstream commits: * https://gitlab.freedesktop.org/spice/spice-common/-/commit/762e0aba * https://gitlab.freedesktop.org/spice/spice-common/-/commit/404d7478 * https://gitlab.freedesktop.org/spice/spice-common/-/commit/ef1b6ff7 * https://gitlab.freedesktop.org/spice/spice-common/-/commit/b24fe6b6
Acknowledgments: Name: Frediano Ziglio (Red Hat)
Created spice tracking bugs for this issue: Affects: fedora-all [bug 1885565] Created spice-gtk tracking bugs for this issue: Affects: fedora-all [bug 1885566]
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions Via RHSA-2020:4184 https://access.redhat.com/errata/RHSA-2020:4184
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-14355
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Extended Update Support Via RHSA-2020:4185 https://access.redhat.com/errata/RHSA-2020:4185
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:4186 https://access.redhat.com/errata/RHSA-2020:4186
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2020:4187 https://access.redhat.com/errata/RHSA-2020:4187
External References: https://www.openwall.com/lists/oss-security/2020/10/06/10