SPICE allows local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface parameters, a similar issue to CVE-2015-5261.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | spice | < 0.12.6-4.1 | spice_0.12.6-4.1_all.deb |
Debian | 11 | all | spice | < 0.12.6-4.1 | spice_0.12.6-4.1_all.deb |
Debian | 10 | all | spice | < 0.12.6-4.1 | spice_0.12.6-4.1_all.deb |
Debian | 999 | all | spice | < 0.12.6-4.1 | spice_0.12.6-4.1_all.deb |
Debian | 13 | all | spice | < 0.12.6-4.1 | spice_0.12.6-4.1_all.deb |