- Issued:
- 2010-08-25
- Updated:
- 2010-08-25
RHSA-2010:0632 - Security Advisory
Synopsis
Moderate: qspice-client security update
Type/Severity
Security Advisory: Moderate
Topic
An updated qspice-client package that fixes one security issue is now
available for Red Hat Enterprise Linux 5.
The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.
Description
The Simple Protocol for Independent Computing Environments (SPICE) is a
remote display protocol used in Red Hat Enterprise Linux for viewing
virtualized guests running on the Kernel-based Virtual Machine (KVM)
hypervisor, or on Red Hat Enterprise Virtualization Hypervisor.
The qspice-client package provides the client side of the SPICE protocol.
A race condition was found in the way the SPICE Mozilla Firefox plug-in and
the SPICE client communicated. A local attacker could use this flaw to
trick the plug-in and the SPICE client into communicating over an
attacker-controlled socket, possibly gaining access to authentication
details, or resulting in a man-in-the-middle attack on the SPICE
connection. (CVE-2010-2792)
Users of qspice-client should upgrade to this updated package, which
contains a backported patch to correct this issue.
Solution
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259
Affected Products
- Red Hat Enterprise Linux Server 5 x86_64
- Red Hat Enterprise Linux Server 5 i386
- Red Hat Enterprise Linux Workstation 5 x86_64
- Red Hat Enterprise Linux Workstation 5 i386
- Red Hat Enterprise Linux Desktop 5 x86_64
- Red Hat Enterprise Linux Desktop 5 i386
- Red Hat Enterprise Linux Server from RHUI 5 x86_64
- Red Hat Enterprise Linux Server from RHUI 5 i386
Fixes
- BZ - 620350 - CVE-2010-2792 spice-xpi/qspice-client unix socket race
CVEs
References
Red Hat Enterprise Linux Server 5
| SRPM | |
|---|---|
| qspice-client-0.3.0-4.el5_5.src.rpm | SHA-256: 9c264b1396ed789a617c0c642ff7e61ff5b273c6d790fd926f0b68cc428973d5 |
| x86_64 | |
| qspice-client-0.3.0-4.el5_5.x86_64.rpm | SHA-256: f3bdc1dc58456bb2d0640235e23e9d9a24ddf2591cda75399dc9729fe3074e9e |
| i386 | |
| qspice-client-0.3.0-4.el5_5.i386.rpm | SHA-256: c9f06d57ac2010d82d1fcdf3b1b82afc4e95c46da8cb125dcc2a2ee091a81df7 |
Red Hat Enterprise Linux Workstation 5
| SRPM | |
|---|---|
| qspice-client-0.3.0-4.el5_5.src.rpm | SHA-256: 9c264b1396ed789a617c0c642ff7e61ff5b273c6d790fd926f0b68cc428973d5 |
| x86_64 | |
| qspice-client-0.3.0-4.el5_5.x86_64.rpm | SHA-256: f3bdc1dc58456bb2d0640235e23e9d9a24ddf2591cda75399dc9729fe3074e9e |
| i386 | |
| qspice-client-0.3.0-4.el5_5.i386.rpm | SHA-256: c9f06d57ac2010d82d1fcdf3b1b82afc4e95c46da8cb125dcc2a2ee091a81df7 |
Red Hat Enterprise Linux Desktop 5
| SRPM | |
|---|---|
| qspice-client-0.3.0-4.el5_5.src.rpm | SHA-256: 9c264b1396ed789a617c0c642ff7e61ff5b273c6d790fd926f0b68cc428973d5 |
| x86_64 | |
| qspice-client-0.3.0-4.el5_5.x86_64.rpm | SHA-256: f3bdc1dc58456bb2d0640235e23e9d9a24ddf2591cda75399dc9729fe3074e9e |
| i386 | |
| qspice-client-0.3.0-4.el5_5.i386.rpm | SHA-256: c9f06d57ac2010d82d1fcdf3b1b82afc4e95c46da8cb125dcc2a2ee091a81df7 |
Red Hat Enterprise Linux Server from RHUI 5
| SRPM | |
|---|---|
| qspice-client-0.3.0-4.el5_5.src.rpm | SHA-256: 9c264b1396ed789a617c0c642ff7e61ff5b273c6d790fd926f0b68cc428973d5 |
| x86_64 | |
| qspice-client-0.3.0-4.el5_5.x86_64.rpm | SHA-256: f3bdc1dc58456bb2d0640235e23e9d9a24ddf2591cda75399dc9729fe3074e9e |
| i386 | |
| qspice-client-0.3.0-4.el5_5.i386.rpm | SHA-256: c9f06d57ac2010d82d1fcdf3b1b82afc4e95c46da8cb125dcc2a2ee091a81df7 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.