Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 650878 - <net-misc/spice-gtk-0.34: Denial of Service/RCE vulnerability through malicious messages
Summary: <net-misc/spice-gtk-0.34: Denial of Service/RCE vulnerability through malicio...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Gentoo Security
URL:
Whiteboard: B2 [glsa+ cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2018-03-19 14:34 UTC by GLSAMaker/CVETool Bot
Modified: 2018-11-27 02:06 UTC (History)
1 user (show)

See Also:
Package list:
net-misc/spice-gtk-0.34-r2 app-emulation/spice-0.14.0-r1 app-emulation/spice-protocol-0.12.13
Runtime testing required: ---
stable-bot: sanity-check+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2018-03-19 14:34:56 UTC 
CVE-2017-12194 (https://nvd.nist.gov/vuln/detail/CVE-2017-12194):
  A flaw was found in the way spice-client processed certain messages sent
  from the server. An attacker, having control of malicious spice-server,
  could use this flaw to crash the client or execute arbitrary code with
  permissions of the user running the client. spice-gtk versions through 0.34
  are believed to be vulnerable.


@Maintainers 0.34-r1 is in tree. Please call for stabilization when ready.

Thank you
Comment 1 Matthias Maier gentoo-dev 2018-03-19 15:16:27 UTC 
Arches, please stabilize net-misc/spice-gtk-0.34-r2.
Comment 2 Stabilization helper bot gentoo-dev 2018-03-19 16:00:26 UTC 
An automated check of this bug failed - the following atom is unknown:

app-emulation/spice-0.14.0

Please verify the atom list.
Comment 3 Stabilization helper bot gentoo-dev 2018-03-19 17:01:28 UTC 
An automated check of this bug succeeded - the previous repoman errors are now resolved.
Comment 4 Agostino Sarubbo gentoo-dev 2018-03-19 19:50:46 UTC 
amd64 stable
Comment 5 Thomas Deutschmann (RETIRED) gentoo-dev 2018-03-29 14:54:28 UTC 
x86 stable
Comment 6 Virgil Dupras (RETIRED) gentoo-dev 2018-08-06 22:50:35 UTC 
This bug's workflow looks stuck. Stabilization is complete, I'm cleaning up.
Comment 7 Larry the Git Cow gentoo-dev 2018-08-07 00:07:50 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=20549bbffcf99fc94c3a0a5a6a80aa4bfcfd1546

commit 20549bbffcf99fc94c3a0a5a6a80aa4bfcfd1546
Author:     Virgil Dupras <vdupras@gentoo.org>
AuthorDate: 2018-08-07 00:06:32 +0000
Commit:     Virgil Dupras <vdupras@gentoo.org>
CommitDate: 2018-08-07 00:07:18 +0000

    net-misc/spice-gtk: remove vulnerable version
    
    Bug: https://bugs.gentoo.org/650878
    Package-Manager: Portage-2.3.44, Repoman-2.3.10

 net-misc/spice-gtk/Manifest                        |   1 -
 .../files/spice-gtk-0.33-sys-sysmacros.h.patch     |  44 ------
 net-misc/spice-gtk/spice-gtk-0.33-r2.ebuild        | 152 ---------------------
 3 files changed, 197 deletions(-)
Comment 8 GLSAMaker/CVETool Bot gentoo-dev 2018-11-27 02:06:56 UTC 
This issue was resolved and addressed in
 GLSA 201811-20 at https://security.gentoo.org/glsa/201811-20
by GLSA coordinator Aaron Bauman (b-man).