Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2015-3247HistorySep 08, 2015 - 3:59 p.m.
CVE-2015-3247
2015-09-0815:59:00
Debian Security Bug Tracker
security-tracker.debian.org
6
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.009 Low
EPSS
Percentile
82.5%
Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via unspecified vectors.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | spice | < 0.12.5-1.2 | spice_0.12.5-1.2_all.deb |
| Debian | 11 | all | spice | < 0.12.5-1.2 | spice_0.12.5-1.2_all.deb |
| Debian | 10 | all | spice | < 0.12.5-1.2 | spice_0.12.5-1.2_all.deb |
| Debian | 999 | all | spice | < 0.12.5-1.2 | spice_0.12.5-1.2_all.deb |
| Debian | 13 | all | spice | < 0.12.5-1.2 | spice_0.12.5-1.2_all.deb |
Related
nessus
nessus
Debian DSA-3354-1 : spice - security update
2015-09-09 00:00:00
Ubuntu 14.04 LTS : Spice vulnerability (USN-2736-1)
2015-09-09 00:00:00
Oracle Linux 7 : spice (ELSA-2015-1714)
2015-09-04 00:00:00
openvas
openvas
Debian Security Advisory DSA 3354-1 (spice - security update)
2015-09-08 00:00:00
Debian: Security Advisory (DSA-3354-1)
2015-09-07 00:00:00
Oracle: Security Advisory (ELSA-2015-1715)
2015-10-06 00:00:00
ubuntucve
ubuntucve
CVE-2015-3247
2015-09-03 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:07:35
oraclelinux
oraclelinux
spice-server security update
2015-09-03 00:00:00
spice security update
2015-09-03 00:00:00
centos
centos
spice security update
2015-09-03 19:06:17
spice security update
2015-09-03 19:28:10
ubuntu
ubuntu
Spice vulnerability
2015-09-08 00:00:00
prion
prion
Race condition
2015-09-08 15:59:00
redhat
redhat
(RHSA-2015:1714) Important: spice security update
2015-09-03 00:00:00
(RHSA-2015:1715) Important: spice-server security update
2015-09-03 00:00:00
debian
debian
[SECURITY] [DSA 3354-1] spice security update
2015-09-08 17:35:59
[SECURITY] [DSA 3354-1] spice security update
2015-09-08 17:35:59
cve
cve
CVE-2015-3247
2015-09-08 15:59:00
osv
osv
spice - security update
2015-09-08 00:00:00
securityvulns
securityvulns
spice race conditions
2015-09-14 00:00:00
[USN-2736-1] Spice vulnerability
2015-09-14 00:00:00
mageia
mageia
Updated spice packages fix CVE-2015-3247
2015-09-15 17:55:06
archlinux
archlinux
spice: multiple issues
2015-10-19 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: spice-0.12.6-1.fc22
2015-11-01 21:59:17
[SECURITY] Fedora 23 Update: mingw-spice-gtk-0.30-1.fc23
2015-10-11 16:08:03
[SECURITY] Fedora 22 Update: mingw-spice-protocol-0.12.10-1.fc22
2015-11-01 21:59:17
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.009 Low
EPSS
Percentile
82.5%
Related for DEBIANCVE:CVE-2015-3247