Red Hat Security Advisory: spice-client-win security update
Two stack-based buffer overflow vulnerabilities have been identified in libsoup, affecting the spice-client-win MSI installers for Windows clients on Red Hat Enterprise Linux 8. One vulnerability (CVE-2026-0719) is due to a signed to unsigned conversion error in NTLM authentication, and the other (CVE-2026-1761) occurs during multipart HTTP response parsing. Red Hat has released security updates addressing these issues for multiple architectures and extended life cycle versions of Red Hat Enterprise Linux 8.
AI Analysis
Technical Summary
This advisory covers two security flaws in libsoup used by spice-client-win MSI installers for Windows clients. CVE-2026-0719 is a signed to unsigned conversion error that leads to a stack-based buffer overflow during NTLM authentication. CVE-2026-1761 is a stack-based buffer overflow triggered by malformed multipart HTTP response parsing. Both vulnerabilities are classified under CWE-121 (stack-based buffer overflow). Red Hat has issued updated packages for Red Hat Enterprise Linux 8 and Extended Life Cycle 8.10 versions on x86_64, s390x, ppc64le, and aarch64 architectures to remediate these issues.
Potential Impact
Successful exploitation of these vulnerabilities could result in stack-based buffer overflows, potentially allowing an attacker to execute arbitrary code or cause a denial of service in the context of the affected spice-client-win components. The vulnerabilities affect the libsoup library's handling of NTLM authentication and multipart HTTP responses within the spice client MSI installers for Windows. No known exploits in the wild have been reported at this time.
Mitigation Recommendations
Red Hat has released security updates that address these vulnerabilities. Users should apply the updated spice-client-win packages for Red Hat Enterprise Linux 8 and Extended Life Cycle 8.10 as detailed in Red Hat Advisory RHSA-2026:2214. For update instructions, refer to https://access.redhat.com/articles/11258. No additional mitigation steps are indicated by the vendor advisory.
Red Hat Security Advisory: spice-client-win security update
Description
Two stack-based buffer overflow vulnerabilities have been identified in libsoup, affecting the spice-client-win MSI installers for Windows clients on Red Hat Enterprise Linux 8. One vulnerability (CVE-2026-0719) is due to a signed to unsigned conversion error in NTLM authentication, and the other (CVE-2026-1761) occurs during multipart HTTP response parsing. Red Hat has released security updates addressing these issues for multiple architectures and extended life cycle versions of Red Hat Enterprise Linux 8.
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This advisory covers two security flaws in libsoup used by spice-client-win MSI installers for Windows clients. CVE-2026-0719 is a signed to unsigned conversion error that leads to a stack-based buffer overflow during NTLM authentication. CVE-2026-1761 is a stack-based buffer overflow triggered by malformed multipart HTTP response parsing. Both vulnerabilities are classified under CWE-121 (stack-based buffer overflow). Red Hat has issued updated packages for Red Hat Enterprise Linux 8 and Extended Life Cycle 8.10 versions on x86_64, s390x, ppc64le, and aarch64 architectures to remediate these issues.
Potential Impact
Successful exploitation of these vulnerabilities could result in stack-based buffer overflows, potentially allowing an attacker to execute arbitrary code or cause a denial of service in the context of the affected spice-client-win components. The vulnerabilities affect the libsoup library's handling of NTLM authentication and multipart HTTP responses within the spice client MSI installers for Windows. No known exploits in the wild have been reported at this time.
Mitigation Recommendations
Red Hat has released security updates that address these vulnerabilities. Users should apply the updated spice-client-win packages for Red Hat Enterprise Linux 8 and Extended Life Cycle 8.10 as detailed in Red Hat Advisory RHSA-2026:2214. For update instructions, refer to https://access.redhat.com/articles/11258. No additional mitigation steps are indicated by the vendor advisory.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2026:2214
- Cve Count
- 2
- Additional Cves
- ["CVE-2026-1761"]
- Cvss Version
- null
Threat ID: 6a27e99e8dd33fbd8516c896
Added to database: 6/9/2026, 10:23:26 AM
Last enriched: 6/9/2026, 10:47:14 AM
Last updated: 6/10/2026, 6:18:46 AM
Views: 5
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.