CVE-2019-3813

CWE-1939 documents8 sources

Severity

7.5HIGH

EPSS

0.2%

top 52.61%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Spice Project Spice RED Hat, Inc. Spice Canonical Ubuntu Linux +7 more

Timeline

PublishedFeb 4

Latest updateApr 30

Description

Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt. This may lead to a denial of service, or, in the worst case, code-execution by unauthenticated attackers.

CVSS vector

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 1.6 | Impact: 5.9

Affected Packages6 packages

▶Debianspice< 0.14.0-1.3+3

▶NVDspice_project/spice0.5.2 — 0.14.1

▶CVEListV5red_hat,_inc./spiceversions 0.5.2 through 0.14.1

▶NVDredhat/enterprise_linux_server6.0, 7.0+1

▶NVDredhat/enterprise_linux_desktop6.0, 7.0+1

Also affects: Debian Linux 8.0, 9.0, Ubuntu Linux 14.04, 16.04, 18.04, 18.10, Enterprise Linux 7.6

🔴Vulnerability Details

GHSA

GHSA-j8r4-w4xh-mcv3: Spice, versions 0↗2022-04-30

▶

CVEList

CVE-2019-3813: Spice, versions 0↗2019-02-04

▶

OSV

CVE-2019-3813: Spice, versions 0↗2019-02-04

▶

📋Vendor Advisories

Ubuntu

Spice vulnerability↗2019-01-28

▶

Red Hat

spice: Off-by-one error in array access in spice/server/memslot.c↗2019-01-28

▶

Debian

CVE-2019-3813: spice - Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read du...↗2019

▶

💬Community

Bugzilla

CVE-2019-3813 spice: Off-by-one error in array access in spice/server/memslot.c [fedora-all]↗2019-01-28

▶

Bugzilla

CVE-2019-3813 spice: Off-by-one error in array access in spice/server/memslot.c↗2019-01-11

▶