A vulnerability was discovered in SPICE before 0.13.90 in the server’s protocol handling. An authenticated attacker could send crafted messages to the SPICE server causing a heap overflow leading to a crash or possible code execution.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Alpine | edge-main | noarch | spice | < 0.12.8-r3 | UNKNOWN |
Alpine | 3.10-main | noarch | spice | < 0.12.8-r3 | UNKNOWN |
Alpine | 3.11-main | noarch | spice | < 0.12.8-r3 | UNKNOWN |
Alpine | 3.12-main | noarch | spice | < 0.12.8-r3 | UNKNOWN |
Alpine | 3.13-main | noarch | spice | < 0.12.8-r3 | UNKNOWN |
Alpine | 3.14-main | noarch | spice | < 0.12.8-r3 | UNKNOWN |
Alpine | 3.15-main | noarch | spice | < 0.12.8-r3 | UNKNOWN |
Alpine | 3.16-main | noarch | spice | < 0.12.8-r3 | UNKNOWN |
Alpine | 3.17-main | noarch | spice | < 0.12.8-r3 | UNKNOWN |
Alpine | 3.18-main | noarch | spice | < 0.12.8-r3 | UNKNOWN |