First published: Thu Apr 17 2014
Red Hat Enterprise Virtualization Manager provides access to virtual machines using SPICE. These SPICE client packages provide the SPICE client and usbclerk service for both Windows 32-bit and Windows 64-bit operating systems.

The rhevm-spice-client package includes the mingw-virt-viewer Windows SPICE client. OpenSSL, a general purpose cryptography library with a TLS implementation, is bundled with mingw-virt-viewer, so updating the OpenSSL package on the Manager host does not fix this copy. The mingw-virt-viewer package has been updated to correct the following issues:

An information disclosure flaw was found in the way OpenSSL handled TLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server could send a specially crafted TLS or DTLS Heartbeat packet to disclose a limited portion of memory (up to 64 KB) per request from a connected client or server. Note that the disclosed portions of memory could potentially include sensitive information such as private keys. (CVE-2014-0160)

It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL or DTLS server as a padding oracle. (CVE-2013-0169)

A NULL pointer dereference flaw was found in the way OpenSSL handled TLS/SSL protocol handshake packets. A specially crafted handshake packet could cause a TLS/SSL client using OpenSSL to crash. (CVE-2013-4353)

It was discovered that the TLS/SSL protocol could leak information about plain text when optional compression was used. An attacker able to control part of the plain text sent over an encrypted TLS/SSL connection could possibly use this flaw to recover other portions of the plain text. (CVE-2012-4929)

Red Hat would like to thank the OpenSSL project for reporting CVE-2014-0160. Upstream acknowledges Neel Mehta of Google Security as the original reporter.

The updated mingw-virt-viewer Windows SPICE client further includes OpenSSL security fixes that have no security impact on mingw-virt-viewer itself; these additional fixes address CVE-2013-6449, CVE-2013-6450, CVE-2012-2686, and CVE-2013-0166.

All Red Hat Enterprise Virtualization Manager users are advised to upgrade to these updated packages, which address these issues.
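The CVE-2014-0160 entry above says a crafted Heartbeat packet discloses memory because the length field is trusted. The following is an added Python model written for this page, not code from the advisory, from OpenSSL or from virt-viewer: it encodes an RFC 6520 HeartbeatRequest, runs it through a function that trusts the claimed payload length (the pre-fix behaviour) and through one that applies the bounds check the fix added, and shows what each echoes back. The "memory" layout (a heartbeat record followed by a fake PEM key) and the `SECRET` bytes are constructed for the demo; nothing here touches a network or real key material.

```python
import struct
from typing import Optional

HEARTBEAT_REQUEST = 1
HEARTBEAT_RESPONSE = 2
PADDING_LENGTH = 16          # RFC 6520 requires at least 16 bytes of padding

# Constructed stand-in for whatever sits in the peer's heap right after the
# received record (here a fake PEM key). Not real key material.
SECRET = (b"-----BEGIN RSA PRIVATE KEY-----\n"
          b"MIIEpAIBAAKCAQEA0constructed0example0only\n")


def build_heartbeat(payload: bytes, claimed_length: Optional[int] = None) -> bytes:
    """Encode a HeartbeatRequest: type(1) | payload_length(2) | payload | padding.
    claimed_length lets a caller craft a request whose length field lies."""
    length = len(payload) if claimed_length is None else claimed_length
    return struct.pack("!BH", HEARTBEAT_REQUEST, length) + payload + b"\x00" * PADDING_LENGTH


def response_payload(response: Optional[bytes]) -> Optional[bytes]:
    """Strip the 3-byte header and the trailing padding from a HeartbeatResponse."""
    return None if response is None else response[3:-PADDING_LENGTH]


def vulnerable_process_heartbeat(memory: bytes, record_length: int) -> Optional[bytes]:
    """Model of the pre-1.0.1g logic: payload_length comes straight from the
    peer's message and is never compared with record_length, so the copy runs
    off the end of the record into whatever memory follows it."""
    hbtype, payload_length = struct.unpack_from("!BH", memory, 0)
    if hbtype != HEARTBEAT_REQUEST:
        return None
    echoed = memory[3:3 + payload_length]             # over-read happens here
    return struct.pack("!BH", HEARTBEAT_RESPONSE, payload_length) + echoed + b"\x00" * PADDING_LENGTH


def fixed_process_heartbeat(memory: bytes, record_length: int) -> Optional[bytes]:
    """The 1.0.1g fix: discard the message unless the claimed payload, plus the
    header and the minimum padding, fits inside the record actually received."""
    if 1 + 2 + PADDING_LENGTH > record_length:
        return None                                   # too short to be a valid message
    hbtype, payload_length = struct.unpack_from("!BH", memory, 0)
    if 1 + 2 + payload_length + PADDING_LENGTH > record_length:
        return None                                   # silently discard (RFC 6520 section 4)
    if hbtype != HEARTBEAT_REQUEST:
        return None
    echoed = memory[3:3 + payload_length]             # now provably inside the record
    return struct.pack("!BH", HEARTBEAT_RESPONSE, payload_length) + echoed + b"\x00" * PADDING_LENGTH


def demo() -> dict:
    """Run a crafted and an honest request through both implementations."""
    crafted = build_heartbeat(b"ping", claimed_length=64)   # claims 64 bytes, carries 4
    memory = crafted + SECRET                                # the record, then adjacent heap
    vuln = response_payload(vulnerable_process_heartbeat(memory, len(crafted)))
    fixed = fixed_process_heartbeat(memory, len(crafted))
    honest = build_heartbeat(b"ping")
    echo = response_payload(fixed_process_heartbeat(honest + SECRET, len(honest)))
    return {
        # bytes echoed from beyond the 23-byte record, i.e. the leak
        "vulnerable_leak": vuln[len(crafted) - 3:],
        "fixed_discarded": fixed is None,
        "honest_echo": echo,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

The crafted request is 23 bytes on the wire; the vulnerable path returns 64 bytes, the last 44 of which are the fake key that follows the record, while the fixed path returns nothing for the same input and still echoes an honest 4-byte payload. The second check in `fixed_process_heartbeat` is the whole fix; the first only guards the header read.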
Affected Software | Affected Version | Fixed Version |
---|---|---|
redhat/rhevm-spice-client | <3.3-12.el6_5 | 3.3-12.el6_5 |
redhat/rhevm-spice-client-x64-cab | <3.3-12.el6_5 | 3.3-12.el6_5 |
redhat/rhevm-spice-client-x64-msi | <3.3-12.el6_5 | 3.3-12.el6_5 |
redhat/rhevm-spice-client-x86-cab | <3.3-12.el6_5 | 3.3-12.el6_5 |
redhat/rhevm-spice-client-x86-msi | <3.3-12.el6_5 | 3.3-12.el6_5 |
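Deciding whether an installed package is older than `3.3-12.el6_5` needs rpm's own ordering, not string or float comparison (`1.010` is newer than `1.9`, `1.0~rc1` is older than `1.0`). The following is an added Python example written for this page, not code from Red Hat or SecAlerts: it ports rpm's `rpmvercmp()` segment-by-segment comparison, adds epoch handling, and checks a package listing against the fixed versions from the table above. The listing is constructed in the shape produced by `rpm -qa --qf '%{NAME}|%{EPOCH}|%{VERSION}|%{RELEASE}\n'` (where an unset epoch prints as `(none)`); on a real Manager host you would feed it that command's output.

```python
import re
from typing import List, Tuple

# Fixed versions from the RHSA-2014:0416 table above.
ADVISORY_FIXES = {
    "rhevm-spice-client": "3.3-12.el6_5",
    "rhevm-spice-client-x64-cab": "3.3-12.el6_5",
    "rhevm-spice-client-x64-msi": "3.3-12.el6_5",
    "rhevm-spice-client-x86-cab": "3.3-12.el6_5",
    "rhevm-spice-client-x86-msi": "3.3-12.el6_5",
}

# Constructed sample of `rpm -qa --qf '%{NAME}|%{EPOCH}|%{VERSION}|%{RELEASE}\n'`.
SAMPLE_RPM_QA = """\
rhevm-spice-client|(none)|3.3|11.el6_5
rhevm-spice-client-x64-msi|(none)|3.3|12.el6_5
rhevm-spice-client-x86-cab|(none)|3.2|9.el6
openssl|(none)|1.0.1e|16.el6_5.7
"""


def rpmvercmp(a: str, b: str) -> int:
    """Port of rpm's rpmvercmp(): -1, 0 or 1 for a < b, a == b, a > b."""
    if a == b:
        return 0
    i = j = 0
    while i < len(a) or j < len(b):
        # separators: anything that is not alphanumeric, '~' or '^'
        while i < len(a) and not (a[i].isalnum() or a[i] in "~^"):
            i += 1
        while j < len(b) and not (b[j].isalnum() or b[j] in "~^"):
            j += 1
        ca = a[i] if i < len(a) else ""
        cb = b[j] if j < len(b) else ""
        if ca == "~" or cb == "~":              # tilde sorts before everything (pre-release)
            if ca != "~":
                return 1
            if cb != "~":
                return -1
            i += 1; j += 1
            continue
        if ca == "^" or cb == "^":              # caret: like tilde, but end of string sorts first
            if not ca:
                return -1
            if not cb:
                return 1
            if ca != "^":
                return 1
            if cb != "^":
                return -1
            i += 1; j += 1
            continue
        if not (ca and cb):
            break
        # take a run of digits or a run of letters from each side
        pattern = r"\d+" if ca.isdigit() else r"[A-Za-z]+"
        isnum = ca.isdigit()
        ma, mb = re.match(pattern, a[i:]), re.match(pattern, b[j:])
        sa, sb = ma.group(0), mb.group(0) if mb else ""
        if not sb:                              # digits vs letters: numeric segment is newer
            return 1 if isnum else -1
        if isnum:
            sa, sb = sa.lstrip("0"), sb.lstrip("0")
            if len(sa) != len(sb):              # more digits wins once zeros are stripped
                return 1 if len(sa) > len(sb) else -1
        if sa != sb:
            return 1 if sa > sb else -1
        i += len(ma.group(0)); j += len(mb.group(0))
    if i >= len(a) and j >= len(b):
        return 0
    return -1 if i >= len(a) else 1             # the side with segments left over is newer


def split_evr(evr: str) -> Tuple[int, str, str]:
    """Split '[epoch:]version-release' into (epoch, version, release)."""
    epoch = 0
    if ":" in evr:
        e, evr = evr.split(":", 1)
        epoch = int(e)
    version, sep, release = evr.rpartition("-")
    if not sep:
        version, release = release, ""
    return epoch, version, release


def compare_evr(a: str, b: str) -> int:
    """Epoch numerically, then version, then release, as rpm does."""
    ea, va, ra = split_evr(a)
    eb, vb, rb = split_evr(b)
    if ea != eb:
        return 1 if ea > eb else -1
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)


def affected_packages(rpm_qa_output: str) -> List[Tuple[str, str, str]]:
    """Return (name, installed_evr, fixed_evr) for listed packages below the fix."""
    found = []
    for line in rpm_qa_output.splitlines():
        if not line.strip():
            continue
        name, epoch, version, release = line.split("|")
        fixed = ADVISORY_FIXES.get(name)
        if fixed is None:
            continue                            # not covered by this advisory
        installed = f"{version}-{release}" if epoch == "(none)" else f"{epoch}:{version}-{release}"
        if compare_evr(installed, fixed) < 0:
            found.append((name, installed, fixed))
    return found


if __name__ == "__main__":
    for name, installed, fixed in affected_packages(SAMPLE_RPM_QA):
        print(f"{name}: installed {installed}, needs {fixed}")
```

On the constructed listing, `rhevm-spice-client` (release 11 < 12) and `rhevm-spice-client-x86-cab` (version 3.2 < 3.3) come back as affected; the x64 MSI at exactly `3.3-12.el6_5` does not. Note what the check covers: these rpms live on the Manager host and carry the Windows MSI/CAB installers, so a clean result says the Manager is serving the fixed virt-viewer build, not that every Windows client has reinstalled it.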
The severity of RHSA-2014:0416 is rated as important.
To fix RHSA-2014:0416, update the rhevm-spice-client package to version 3.3-12.el6_5.
The affected packages in RHSA-2014:0416 include rhevm-spice-client, rhevm-spice-client-x64-cab, rhevm-spice-client-x64-msi, rhevm-spice-client-x86-cab, and rhevm-spice-client-x86-msi.
RHSA-2014:0416 addresses vulnerabilities in the SPICE client packages used by Red Hat Enterprise Virtualization Manager.
RHSA-2014:0416 applies to the SPICE client packages for both Windows 32-bit and Windows 64-bit operating systems (the x86 and x64 CAB and MSI packages listed above).