CVE-2017-12194Stack-based Buffer Overflow in Spice-gtk

CWE-121Stack-based Buffer OverflowCWE-20Improper Input Validation8 documents7 sources
Severity
9.8CRITICALNVD
EPSS
1.5%
top 18.95%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Spice-gtk Project Spice-gtkDebian Spice-gtkFreedesktop.org Spice-gtk
Timeline
PublishedMar 14
Latest updateMay 14

Description

A flaw was found in the way spice-client processed certain messages sent from the server. An attacker, having control of malicious spice-server, could use this flaw to crash the client or execute arbitrary code with permissions of the user running the client. spice-gtk versions through 0.34 are believed to be vulnerable.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages4 packages

debiandebian/spice-gtk< spice-gtk 0.35-1 (bookworm)
Debianspice-gtk_project/spice-gtk< 0.35-1+3
CVEListV5freedesktop.org/spice-gtkthrough 0.34

🔴Vulnerability Details

2
GHSA
GHSA-r5rv-8pm6-w5ch: A flaw was found in the way spice-client processed certain messages sent from the server2022-05-14
OSV
CVE-2017-12194: A flaw was found in the way spice-client processed certain messages sent from the server2018-03-14

📋Vendor Advisories

3
Ubuntu
Spice vulnerability2018-05-23
Red Hat
spice-gtk: Integer overflows causing buffer overflows in spice-client2018-03-14
Debian
CVE-2017-12194: spice-gtk - A flaw was found in the way spice-client processed certain messages sent from th...2017

💬Community

2
Bugzilla
CVE-2017-12194 spice-gtk: spice-gtk: Integer overflows causing buffer overflows in spice-client [fedora-all]2018-03-14
Bugzilla
CVE-2017-12194 spice-gtk: Integer overflows causing buffer overflows in spice-client2017-10-12