Back to search
CVE-2013-4130
Published: Aug 20, 2013
Modified: Aug 6, 2024
PUBLISHED
Description
The (1) red_channel_pipes_add_type and (2) red_channel_pipes_add_empty_msg functions in server/red_channel.c in SPICE before 0.12.4 do not properly perform ring loops, which might allow remote attackers to cause a denial of service (reachable assertion and server exit) by triggering a network error.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
RHSA-2013:1260
vendor-advisory
x_refsource_REDHAT
[oss-security] 20130715 Re: CVE Request -- spice: unsafe clients ring access abort
mailing-list
x_refsource_MLIST
USN-1926-1
vendor-advisory
x_refsource_UBUNTU
DSA-2839
vendor-advisory
x_refsource_DEBIAN
https://bugzilla.redhat.com/show_bug.cgi?id=984769
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now