Bug 746920 (CVE-2021-14355) - <app-emulation/spice-0.14.3-r1: multiple vulnerabilities
Summary: <app-emulation/spice-0.14.3-r1: multiple vulnerabilities
Status: IN_PROGRESS
Alias: CVE-2021-14355
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal normal with 1 vote
Assignee: Gentoo Security
URL:
Whiteboard: B2 [glsa? cleanup]
Keywords:
Depends on:
Blocks:
 
Reported: 2020-10-06 13:43 UTC by Agostino Sarubbo
Modified: 2021-04-10 15:36 UTC

See Also:
Package list:
Runtime testing required: ---


Description Agostino Sarubbo gentoo-dev 2020-10-06 13:43:04 UTC
From https://www.openwall.com/lists/oss-security/2020/10/06/10 :

Hello,

Multiple buffer overflow vulnerabilities were found in the QUIC image
decoding process of the SPICE remote display system. More
specifically, these flaws reside in the spice-common shared code
between the client and server of SPICE. In other words, both the
client (spice-gtk) and server are affected by these flaws. A malicious
client or server could send specially crafted messages which could
result in a process crash or potential code execution scenario.

CVE-2020-14355 has been assigned for this flaw by Red Hat Inc.

Upstream commits:
* https://gitlab.freedesktop.org/spice/spice-common/-/commit/762e0aba
* https://gitlab.freedesktop.org/spice/spice-common/-/commit/404d7478
* https://gitlab.freedesktop.org/spice/spice-common/-/commit/ef1b6ff7
* https://gitlab.freedesktop.org/spice/spice-common/-/commit/b24fe6b6

Credit: Frediano Ziglio (Red Hat)

@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Larry the Git Cow gentoo-dev 2021-04-04 18:54:49 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d6418bd9306729c2497c17fe302f58965800897c

commit d6418bd9306729c2497c17fe302f58965800897c
Author:     Matthias Maier <tamiko@gentoo.org>
AuthorDate: 2021-04-04 18:48:42 +0000
Commit:     Matthias Maier <tamiko@gentoo.org>
CommitDate: 2021-04-04 18:54:34 +0000

    app-emulation/spice: apply security patches for CVE-2020-14355
    
    Bug: https://bugs.gentoo.org/746920
    Package-Manager: Portage-3.0.18, Repoman-3.0.3
    Signed-off-by: Matthias Maier <tamiko@gentoo.org>

 .../spice-0.14.3-CVE-2020-14355-404d7478.patch     |  31 +++++++
 .../spice-0.14.3-CVE-2020-14355-762e0aba.patch     |  13 +++
 .../spice-0.14.3-CVE-2020-14355-b24fe6b6.patch     |  18 ++++
 .../spice-0.14.3-CVE-2020-14355-ef1b6ff7.patch     |  17 ++++
 app-emulation/spice/spice-0.14.3-r1.ebuild         | 103 +++++++++++++++++++++
 5 files changed, 182 insertions(+)
Comment 2 Matthias Maier gentoo-dev 2021-04-04 18:56:29 UTC
Arches please stabilize.
Comment 3 Sam James archtester gentoo-dev Security 2021-04-06 19:49:55 UTC
x86 done
Comment 4 Sam James archtester gentoo-dev Security 2021-04-09 22:18:31 UTC
arm64 done
Comment 5 Sam James archtester gentoo-dev Security 2021-04-09 22:23:36 UTC
amd64 done
Comment 6 Sam James archtester gentoo-dev Security 2021-04-10 04:25:02 UTC
ppc64 done

all arches done
Comment 7 John Helmert III gentoo-dev Security 2021-04-10 15:36:00 UTC
Please cleanup