Debian Security Bug TrackerDEBIANCVE:CVE-2010-0429CVE-2010-0429
6.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:S/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
19.5%
libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and qspice 0.3.0, does not properly restrict the addresses upon which memory-management actions are performed, which allows guest OS users to cause a denial of service (guest OS crash) or possibly gain privileges via unspecified vectors.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | spice | < 0.15.1-1 | spice_0.15.1-1_all.deb |
| Debian | 11 | all | spice | < 0.14.3-2.1 | spice_0.14.3-2.1_all.deb |
| Debian | 10 | all | spice | < 0.14.0-1.3+deb10u1 | spice_0.14.0-1.3+deb10u1_all.deb |
| Debian | 999 | all | spice | < 0.15.1-1 | spice_0.15.1-1_all.deb |
| Debian | 13 | all | spice | < 0.15.1-1 | spice_0.15.1-1_all.deb |
Related
6.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:S/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
19.5%