Red Hat Product Errata RHSA-2017:2471 - Security Advisory

Issued:: 2017-08-15
Updated:: 2017-08-15

RHSA-2017:2471 - Security Advisory

Overview
Updated Packages

Synopsis

Important: spice security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for spice is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The Simple Protocol for Independent Computing Environments (SPICE) is a remote display system built for virtual environments which allows the user to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures.

Security Fix(es):

A vulnerability was discovered in spice server's protocol handling. An authenticated attacker could send specially crafted messages to the spice server, causing out-of-bounds memory accesses, leading to parts of server memory being leaked or a crash. (CVE-2017-7506)

This issue was discovered by Frediano Ziglio (Red Hat).

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All applications using SPICE (most notably all QEMU-KVM instances using the SPICE console) must be restarted for this update to take effect.

Affected Products

Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.7 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.6 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.5 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.4 x86_64
Red Hat Enterprise Linux Desktop 7 x86_64
Red Hat Enterprise Linux for Scientific Computing 7 x86_64
Red Hat Enterprise Linux EUS Compute Node 7.7 x86_64
Red Hat Enterprise Linux EUS Compute Node 7.6 x86_64
Red Hat Enterprise Linux EUS Compute Node 7.5 x86_64
Red Hat Enterprise Linux EUS Compute Node 7.4 x86_64
Red Hat Enterprise Linux Server - AUS 7.7 x86_64
Red Hat Enterprise Linux Server - AUS 7.6 x86_64
Red Hat Enterprise Linux Server - AUS 7.4 x86_64
Red Hat Enterprise Linux Workstation 7 x86_64
Red Hat Enterprise Linux Server - TUS 7.7 x86_64
Red Hat Enterprise Linux Server - TUS 7.6 x86_64
Red Hat Enterprise Linux Server - TUS 7.4 x86_64
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.7 x86_64
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.6 x86_64
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.4 x86_64

Fixes

BZ - 1452606 - CVE-2017-7506 spice: Possible buffer overflow via invalid monitor configurations

CVEs

CVE-2017-7506

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 7

SRPM
spice-0.12.8-2.el7.1.src.rpm	SHA-256: 17056f82855959cb64e33f4b7d00a6678f7dab0cd3f5488a7231cb42bfee8591
x86_64
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-server-0.12.8-2.el7.1.x86_64.rpm	SHA-256: f47ef76b50718480062e513cb10d45b00a802ca386d6eb268ff0b29eccf59c7b
spice-server-devel-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 7db5ae4189e87b9aaee6d4abbb997af9b1313853a625716a266b1aca1f62255e

Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.7

SRPM
spice-0.12.8-2.el7.1.src.rpm	SHA-256: 17056f82855959cb64e33f4b7d00a6678f7dab0cd3f5488a7231cb42bfee8591
x86_64
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-server-0.12.8-2.el7.1.x86_64.rpm	SHA-256: f47ef76b50718480062e513cb10d45b00a802ca386d6eb268ff0b29eccf59c7b
spice-server-devel-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 7db5ae4189e87b9aaee6d4abbb997af9b1313853a625716a266b1aca1f62255e

Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.6

SRPM
spice-0.12.8-2.el7.1.src.rpm	SHA-256: 17056f82855959cb64e33f4b7d00a6678f7dab0cd3f5488a7231cb42bfee8591
x86_64
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-server-0.12.8-2.el7.1.x86_64.rpm	SHA-256: f47ef76b50718480062e513cb10d45b00a802ca386d6eb268ff0b29eccf59c7b
spice-server-devel-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 7db5ae4189e87b9aaee6d4abbb997af9b1313853a625716a266b1aca1f62255e

Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.5

SRPM
spice-0.12.8-2.el7.1.src.rpm	SHA-256: 17056f82855959cb64e33f4b7d00a6678f7dab0cd3f5488a7231cb42bfee8591
x86_64
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-server-0.12.8-2.el7.1.x86_64.rpm	SHA-256: f47ef76b50718480062e513cb10d45b00a802ca386d6eb268ff0b29eccf59c7b
spice-server-devel-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 7db5ae4189e87b9aaee6d4abbb997af9b1313853a625716a266b1aca1f62255e

Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.4

SRPM
spice-0.12.8-2.el7.1.src.rpm	SHA-256: 17056f82855959cb64e33f4b7d00a6678f7dab0cd3f5488a7231cb42bfee8591
x86_64
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-server-0.12.8-2.el7.1.x86_64.rpm	SHA-256: f47ef76b50718480062e513cb10d45b00a802ca386d6eb268ff0b29eccf59c7b
spice-server-devel-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 7db5ae4189e87b9aaee6d4abbb997af9b1313853a625716a266b1aca1f62255e

Red Hat Enterprise Linux Desktop 7

SRPM
spice-0.12.8-2.el7.1.src.rpm	SHA-256: 17056f82855959cb64e33f4b7d00a6678f7dab0cd3f5488a7231cb42bfee8591
x86_64
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-server-0.12.8-2.el7.1.x86_64.rpm	SHA-256: f47ef76b50718480062e513cb10d45b00a802ca386d6eb268ff0b29eccf59c7b
spice-server-devel-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 7db5ae4189e87b9aaee6d4abbb997af9b1313853a625716a266b1aca1f62255e

Red Hat Enterprise Linux EUS Compute Node 7.7

SRPM
spice-0.12.8-2.el7.1.src.rpm	SHA-256: 17056f82855959cb64e33f4b7d00a6678f7dab0cd3f5488a7231cb42bfee8591
x86_64
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-server-0.12.8-2.el7.1.x86_64.rpm	SHA-256: f47ef76b50718480062e513cb10d45b00a802ca386d6eb268ff0b29eccf59c7b
spice-server-devel-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 7db5ae4189e87b9aaee6d4abbb997af9b1313853a625716a266b1aca1f62255e

Red Hat Enterprise Linux EUS Compute Node 7.6

SRPM
spice-0.12.8-2.el7.1.src.rpm	SHA-256: 17056f82855959cb64e33f4b7d00a6678f7dab0cd3f5488a7231cb42bfee8591
x86_64
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-server-0.12.8-2.el7.1.x86_64.rpm	SHA-256: f47ef76b50718480062e513cb10d45b00a802ca386d6eb268ff0b29eccf59c7b
spice-server-devel-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 7db5ae4189e87b9aaee6d4abbb997af9b1313853a625716a266b1aca1f62255e

Red Hat Enterprise Linux EUS Compute Node 7.5

SRPM
spice-0.12.8-2.el7.1.src.rpm	SHA-256: 17056f82855959cb64e33f4b7d00a6678f7dab0cd3f5488a7231cb42bfee8591
x86_64
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-server-0.12.8-2.el7.1.x86_64.rpm	SHA-256: f47ef76b50718480062e513cb10d45b00a802ca386d6eb268ff0b29eccf59c7b
spice-server-devel-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 7db5ae4189e87b9aaee6d4abbb997af9b1313853a625716a266b1aca1f62255e

Red Hat Enterprise Linux EUS Compute Node 7.4

SRPM
spice-0.12.8-2.el7.1.src.rpm	SHA-256: 17056f82855959cb64e33f4b7d00a6678f7dab0cd3f5488a7231cb42bfee8591
x86_64
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-server-0.12.8-2.el7.1.x86_64.rpm	SHA-256: f47ef76b50718480062e513cb10d45b00a802ca386d6eb268ff0b29eccf59c7b
spice-server-devel-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 7db5ae4189e87b9aaee6d4abbb997af9b1313853a625716a266b1aca1f62255e

Red Hat Enterprise Linux Server - AUS 7.7

SRPM
spice-0.12.8-2.el7.1.src.rpm	SHA-256: 17056f82855959cb64e33f4b7d00a6678f7dab0cd3f5488a7231cb42bfee8591
x86_64
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-server-0.12.8-2.el7.1.x86_64.rpm	SHA-256: f47ef76b50718480062e513cb10d45b00a802ca386d6eb268ff0b29eccf59c7b
spice-server-devel-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 7db5ae4189e87b9aaee6d4abbb997af9b1313853a625716a266b1aca1f62255e

Red Hat Enterprise Linux Server - AUS 7.6

SRPM
spice-0.12.8-2.el7.1.src.rpm	SHA-256: 17056f82855959cb64e33f4b7d00a6678f7dab0cd3f5488a7231cb42bfee8591
x86_64
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-server-0.12.8-2.el7.1.x86_64.rpm	SHA-256: f47ef76b50718480062e513cb10d45b00a802ca386d6eb268ff0b29eccf59c7b
spice-server-devel-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 7db5ae4189e87b9aaee6d4abbb997af9b1313853a625716a266b1aca1f62255e

Red Hat Enterprise Linux Server - AUS 7.4

SRPM
spice-0.12.8-2.el7.1.src.rpm	SHA-256: 17056f82855959cb64e33f4b7d00a6678f7dab0cd3f5488a7231cb42bfee8591
x86_64
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-server-0.12.8-2.el7.1.x86_64.rpm	SHA-256: f47ef76b50718480062e513cb10d45b00a802ca386d6eb268ff0b29eccf59c7b
spice-server-devel-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 7db5ae4189e87b9aaee6d4abbb997af9b1313853a625716a266b1aca1f62255e

Red Hat Enterprise Linux Workstation 7

SRPM
spice-0.12.8-2.el7.1.src.rpm	SHA-256: 17056f82855959cb64e33f4b7d00a6678f7dab0cd3f5488a7231cb42bfee8591
x86_64
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-server-0.12.8-2.el7.1.x86_64.rpm	SHA-256: f47ef76b50718480062e513cb10d45b00a802ca386d6eb268ff0b29eccf59c7b
spice-server-devel-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 7db5ae4189e87b9aaee6d4abbb997af9b1313853a625716a266b1aca1f62255e

Red Hat Enterprise Linux for Scientific Computing 7

SRPM
spice-0.12.8-2.el7.1.src.rpm	SHA-256: 17056f82855959cb64e33f4b7d00a6678f7dab0cd3f5488a7231cb42bfee8591
x86_64
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-server-0.12.8-2.el7.1.x86_64.rpm	SHA-256: f47ef76b50718480062e513cb10d45b00a802ca386d6eb268ff0b29eccf59c7b
spice-server-devel-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 7db5ae4189e87b9aaee6d4abbb997af9b1313853a625716a266b1aca1f62255e

Red Hat Enterprise Linux Server - TUS 7.7

SRPM
spice-0.12.8-2.el7.1.src.rpm	SHA-256: 17056f82855959cb64e33f4b7d00a6678f7dab0cd3f5488a7231cb42bfee8591
x86_64
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-server-0.12.8-2.el7.1.x86_64.rpm	SHA-256: f47ef76b50718480062e513cb10d45b00a802ca386d6eb268ff0b29eccf59c7b
spice-server-devel-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 7db5ae4189e87b9aaee6d4abbb997af9b1313853a625716a266b1aca1f62255e

Red Hat Enterprise Linux Server - TUS 7.6

SRPM
spice-0.12.8-2.el7.1.src.rpm	SHA-256: 17056f82855959cb64e33f4b7d00a6678f7dab0cd3f5488a7231cb42bfee8591
x86_64
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-server-0.12.8-2.el7.1.x86_64.rpm	SHA-256: f47ef76b50718480062e513cb10d45b00a802ca386d6eb268ff0b29eccf59c7b
spice-server-devel-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 7db5ae4189e87b9aaee6d4abbb997af9b1313853a625716a266b1aca1f62255e

Red Hat Enterprise Linux Server - TUS 7.4

SRPM
spice-0.12.8-2.el7.1.src.rpm	SHA-256: 17056f82855959cb64e33f4b7d00a6678f7dab0cd3f5488a7231cb42bfee8591
x86_64
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-server-0.12.8-2.el7.1.x86_64.rpm	SHA-256: f47ef76b50718480062e513cb10d45b00a802ca386d6eb268ff0b29eccf59c7b
spice-server-devel-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 7db5ae4189e87b9aaee6d4abbb997af9b1313853a625716a266b1aca1f62255e

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.7

SRPM
spice-0.12.8-2.el7.1.src.rpm	SHA-256: 17056f82855959cb64e33f4b7d00a6678f7dab0cd3f5488a7231cb42bfee8591
x86_64
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-server-0.12.8-2.el7.1.x86_64.rpm	SHA-256: f47ef76b50718480062e513cb10d45b00a802ca386d6eb268ff0b29eccf59c7b
spice-server-devel-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 7db5ae4189e87b9aaee6d4abbb997af9b1313853a625716a266b1aca1f62255e

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.6

SRPM
spice-0.12.8-2.el7.1.src.rpm	SHA-256: 17056f82855959cb64e33f4b7d00a6678f7dab0cd3f5488a7231cb42bfee8591
x86_64
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-server-0.12.8-2.el7.1.x86_64.rpm	SHA-256: f47ef76b50718480062e513cb10d45b00a802ca386d6eb268ff0b29eccf59c7b
spice-server-devel-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 7db5ae4189e87b9aaee6d4abbb997af9b1313853a625716a266b1aca1f62255e

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.4

SRPM
spice-0.12.8-2.el7.1.src.rpm	SHA-256: 17056f82855959cb64e33f4b7d00a6678f7dab0cd3f5488a7231cb42bfee8591
x86_64
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 508cf0410e340951021957aa2fa6ddd769ba2e171c3bfbc9e403039ac4cf2772
spice-server-0.12.8-2.el7.1.x86_64.rpm	SHA-256: f47ef76b50718480062e513cb10d45b00a802ca386d6eb268ff0b29eccf59c7b
spice-server-devel-0.12.8-2.el7.1.x86_64.rpm	SHA-256: 7db5ae4189e87b9aaee6d4abbb997af9b1313853a625716a266b1aca1f62255e

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation