Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 717776 (CVE-2019-3813) - <app-emulation/spice-0.14.2: Out of bounds read (CVE-2019-3813)
Summary: <app-emulation/spice-0.14.2: Out of bounds read (CVE-2019-3813)
Alias: CVE-2019-3813
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
Whiteboard: B2 [glsa+ cve]
Depends on:
Reported: 2020-04-17 01:11 UTC by GLSAMaker/CVETool Bot
Modified: 2020-07-27 00:24 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2020-04-17 01:11:48 UTC
CVE-2019-3813 (
  Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds
  read due to an off-by-one error in memslot_get_virt. This may lead to a
  denial of service, or, in the worst case, code-execution by unauthenticated
Comment 1 Larry the Git Cow gentoo-dev 2020-04-18 18:56:48 UTC
The bug has been referenced in the following commit(s):

commit ad28dfa767dead9be522f8bd8801ba76eb33a324
Author:     Matthias Maier <>
AuthorDate: 2020-04-18 18:35:25 +0000
Commit:     Matthias Maier <>
CommitDate: 2020-04-18 18:56:14 +0000

    app-emulation/spice: drop vulnerable versions, bug #717776
    Package-Manager: Portage-2.3.99, Repoman-2.3.22
    Signed-off-by: Matthias Maier <>

 app-emulation/spice/Manifest                       |   2 -
 ...0.14.0-fix-flexible-array-buffer-overflow.patch |  12 ---
 .../spice/files/spice-0.14.0-libressl_fix.patch    |  13 ---
 .../spice/files/spice-0.14.0-openssl1.1_fix.patch  |  26 ------
 app-emulation/spice/spice-0.14.0-r2.ebuild         | 102 ---------------------
 app-emulation/spice/spice-0.14.2.ebuild            | 100 --------------------
 6 files changed, 255 deletions(-)
Comment 2 GLSAMaker/CVETool Bot gentoo-dev 2020-07-27 00:24:47 UTC
This issue was resolved and addressed in
 GLSA 202007-30 at
by GLSA coordinator Sam James (sam_c).