Security update for spice SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2017:0396-1 Final 1 1 2017-02-06T10:55:00Z current 2017-02-06T10:55:00Z 2017-02-06T10:55:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for spice This security update for spice fixes the following issues: CVE-2016-9577: A buffer overflow in the spice server could have potentially been used by unauthenticated attackers to execute arbitrary code. (bsc#1023078) CVE-2016-9578: Unauthenticated attackers could have caused a denial of service via a crafted message. (bsc#1023079) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). sdksp4-spice-12970,slessp4-spice-12970 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2017/suse-su-20170396-1/ Link for SUSE-SU-2017:0396-1 https://lists.suse.com/pipermail/sle-security-updates/2017-February/002623.html E-Mail link for SUSE-SU-2017:0396-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1023078 SUSE Bug 1023078 https://bugzilla.suse.com/1023079 SUSE Bug 1023079 https://www.suse.com/security/cve/CVE-2016-9577/ SUSE CVE CVE-2016-9577 page https://www.suse.com/security/cve/CVE-2016-9578/ SUSE CVE CVE-2016-9578 page SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server for SAP Applications 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4 libspice-server-devel-0.12.4-8.1 libspice-server1-0.12.4-8.1 libspice-server1-0.12.4-8.1 as a component of SUSE Linux Enterprise Server 11 SP4 libspice-server1-0.12.4-8.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 libspice-server-devel-0.12.4-8.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An authenticated attacker could send crafted messages to the SPICE server causing a heap overflow leading to a crash or possible code execution. CVE-2016-9577 SUSE Linux Enterprise Server 11 SP4:libspice-server1-0.12.4-8.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libspice-server1-0.12.4-8.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libspice-server-devel-0.12.4-8.1 important 10 AV:N/AC:L/Au:N/C:C/I:C/A:C 6.5 AV:N/AC:L/Au:S/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2017/suse-su-20170396-1/ https://www.suse.com/security/cve/CVE-2016-9577.html CVE-2016-9577 https://bugzilla.suse.com/1023078 SUSE Bug 1023078 A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An attacker able to connect to the SPICE server could send crafted messages which would cause the process to crash. CVE-2016-9578 SUSE Linux Enterprise Server 11 SP4:libspice-server1-0.12.4-8.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libspice-server1-0.12.4-8.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libspice-server-devel-0.12.4-8.1 important 5 AV:N/AC:L/Au:N/C:N/I:N/A:P 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2017/suse-su-20170396-1/ https://www.suse.com/security/cve/CVE-2016-9578.html CVE-2016-9578 https://bugzilla.suse.com/1023078 SUSE Bug 1023078 https://bugzilla.suse.com/1023079 SUSE Bug 1023079