CVE-2018-10873

HIGH

SPICE < 0.14.1 - Memory Corruption via Demarshalling Message Bounds Check Bypass

Title source: llm

Description

A vulnerability was discovered in SPICE before version 0.14.1 where the generated code used for demarshalling messages lacked sufficient bounds checks. A malicious client or server, after authentication, could send specially crafted messages to its peer which would result in a crash or, potentially, other impacts.

References (11)

Core 11

Core References

Third Party Advisory vendor-advisory x_refsource_debian

https://www.debian.org/security/2018/dsa-4319

Mailing List, Third Party Advisory mailing-list x_refsource_mlist

https://lists.debian.org/debian-lts-announce/2018/08/msg00035.html

Third Party Advisory vendor-advisory x_refsource_ubuntu

https://usn.ubuntu.com/3751-1/

Third Party Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2018:2732

Mailing List, Third Party Advisory mailing-list x_refsource_mlist

https://lists.debian.org/debian-lts-announce/2018/08/msg00037.html

Issue Tracking, Third Party Advisory x_refsource_confirm

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10873

Third Party Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2018:2731

Third Party Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2018:3470

Mailing List, Third Party Advisory mailing-list x_refsource_mlist

https://lists.debian.org/debian-lts-announce/2018/08/msg00038.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/105152

Patch, Third Party Advisory x_refsource_confirm

https://gitlab.freedesktop.org/spice/spice-common/commit/bb15d4815ab586b4c4a20f4a565970a44824c42c

Scores

CVSS v3 8.3

EPSS 0.0121

EPSS Percentile 79.2%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H

Details

CWE

CWE-119 CWE-20

Status published

Products (18)

canonical/ubuntu_linux 14.04

canonical/ubuntu_linux 16.04

canonical/ubuntu_linux 18.04

debian/debian_linux 8.0

debian/debian_linux 9.0

redhat/enterprise_linux_desktop 6.0

redhat/enterprise_linux_desktop 7.0

redhat/enterprise_linux_server 6.0

redhat/enterprise_linux_server 7.0

redhat/enterprise_linux_server_aus 7.6

... and 8 more

Published Aug 17, 2018

Tracked Since Feb 18, 2026