CVE-2020-14355
spice: multiple buffer overflow vulnerabilities in QUIC decoding code
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE client (spice-gtk) and server are affected by these flaws. These flaws allow a malicious client or server to send specially crafted messages that, when processed by the QUIC image compression algorithm, result in a process crash or potential code execution.
Se encontraron múltiples vulnerabilidades de desbordamiento de búfer en el proceso de decodificación de imágenes QUIC del sistema de visualización remota SPICE, versiones anteriores a spice-0.14.2-1. Tanto el cliente SPICE (spice-gtk) como el servidor están afectados por estos defectos. Estos fallos permiten a un cliente o servidor malicioso enviar mensajes especialmente diseñados que, cuando son procesados ??por el algoritmo de compresión de imágenes QUIC, resulta en un bloqueo del proceso o una posible ejecución de código
Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system. Both the SPICE client (spice-gtk) and server are affected by these flaws. These flaws allow a malicious client or server to send specially crafted messages that, when processed by the QUIC image compression algorithm, result in a process crash or potential code execution.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-06-17 CVE Reserved
- 2020-10-06 CVE Published
- 2024-03-29 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CAPEC
References (10)
| URL | Tag | Source |
|---|---|---|
| https://lists.debian.org/debian-lts-announce/2020/11/msg00001.html | Mailing List |
|
| https://lists.debian.org/debian-lts-announce/2020/11/msg00002.html | Mailing List |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1868435 | 2020-10-06 | |
| https://www.openwall.com/lists/oss-security/2020/10/06/10 | 2023-11-09 |
| URL | Date | SRC |
|---|---|---|
| http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00000.html | 2023-11-09 | |
| http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00001.html | 2023-11-09 | |
| https://usn.ubuntu.com/4572-1 | 2023-11-09 | |
| https://usn.ubuntu.com/4572-2 | 2023-11-09 | |
| https://www.debian.org/security/2020/dsa-4771 | 2023-11-09 | |
| https://access.redhat.com/security/cve/CVE-2020-14355 | 2020-10-06 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Spice Project Search vendor "Spice Project" | Spice Search vendor "Spice Project" for product "Spice" | < 0.14.2 Search vendor "Spice Project" for product "Spice" and version " < 0.14.2" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Openstack Search vendor "Redhat" for product "Openstack" | 16.1 Search vendor "Redhat" for product "Openstack" and version "16.1" | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 14.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04" | esm |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 16.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "16.04" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 18.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "18.04" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 20.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "20.04" | lts |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 9.0 Search vendor "Debian" for product "Debian Linux" and version "9.0" | - |
Affected
| ||||||
| Opensuse Search vendor "Opensuse" | Leap Search vendor "Opensuse" for product "Leap" | 15.2 Search vendor "Opensuse" for product "Leap" and version "15.2" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 6.0 Search vendor "Redhat" for product "Enterprise Linux" and version "6.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 7.0 Search vendor "Redhat" for product "Enterprise Linux" and version "7.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 8.0 Search vendor "Redhat" for product "Enterprise Linux" and version "8.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Aus Search vendor "Redhat" for product "Enterprise Linux Aus" | 8.2 Search vendor "Redhat" for product "Enterprise Linux Aus" and version "8.2" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Eus Search vendor "Redhat" for product "Enterprise Linux Eus" | 8.1 Search vendor "Redhat" for product "Enterprise Linux Eus" and version "8.1" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Tus Search vendor "Redhat" for product "Enterprise Linux Tus" | 8.2 Search vendor "Redhat" for product "Enterprise Linux Tus" and version "8.2" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Update Services For Sap Solutions Search vendor "Redhat" for product "Enterprise Linux Update Services For Sap Solutions" | 8.0 Search vendor "Redhat" for product "Enterprise Linux Update Services For Sap Solutions" and version "8.0" | - |
Affected
| ||||||