Lucene search
RedHatRHSA-2017:2471HistoryAug 15, 2017 - 3:03 a.m.
(RHSA-2017:2471) Important: spice security update
2017-08-1503:03:50
access.redhat.com
81
0.003 Low
EPSS
Percentile
68.9%
The Simple Protocol for Independent Computing Environments (SPICE) is a remote display system built for virtual environments which allows the user to view a computing ‘desktop’ environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures.
Security Fix(es):
- A vulnerability was discovered in spice server’s protocol handling. An authenticated attacker could send specially crafted messages to the spice server, causing out-of-bounds memory accesses, leading to parts of server memory being leaked or a crash. (CVE-2017-7506)
This issue was discovered by Frediano Ziglio (Red Hat).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 7 | x86_64 | spice-debuginfo | < 0.12.8-2.el7.1 | spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm |
| RedHat | 7 | x86_64 | spice-server-devel | < 0.12.8-2.el7.1 | spice-server-devel-0.12.8-2.el7.1.x86_64.rpm |
| RedHat | 7 | x86_64 | spice-server | < 0.12.8-2.el7.1 | spice-server-0.12.8-2.el7.1.x86_64.rpm |
Related
suse
suse
Security update for spice (important)
2017-07-12 18:10:38
Security update for spice (important)
2017-07-11 21:10:12
Security update for spice (important)
2017-07-11 21:14:14
oraclelinux
oraclelinux
spice security update
2017-08-15 00:00:00
spice-server security update
2018-11-08 00:00:00
spice-server security update
2019-01-31 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-3907-1)
2017-07-10 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:1839-1)
2021-04-19 00:00:00
Huawei EulerOS: Security Advisory for spice (EulerOS-SA-2017-1226)
2020-01-23 00:00:00
nessus
nessus
Virtuozzo 6 : spice-server / spice-server-devel (VZLSA-2018-3522)
2018-11-21 00:00:00
Scientific Linux Security Update : spice-server on SL6.x x86_64 (20181108)
2018-11-09 00:00:00
Fedora 24 : spice (2017-61689edaf4)
2017-07-21 00:00:00
ubuntucve
ubuntucve
CVE-2017-7506
2017-07-11 00:00:00
osv
osv
spice - security update
2017-07-11 00:00:00
CVE-2017-7506
2017-07-18 15:29:00
cve
cve
CVE-2017-7506
2017-07-18 15:29:00
nvd
nvd
CVE-2017-7506
2017-07-18 15:29:00
debian
debian
[SECURITY] [DSA 3907-1] spice security update
2017-07-11 21:31:14
cvelist
cvelist
CVE-2017-7506
2017-07-18 15:00:00
alpinelinux
alpinelinux
CVE-2017-7506
2017-07-18 15:29:00
fedora
fedora
[SECURITY] Fedora 24 Update: spice-0.12.8-3.fc24
2017-07-20 18:49:10
centos
centos
spice security update
2018-11-20 14:49:17
spice security update
2017-08-24 09:44:09
ibm
ibm
Security Bulletin: A vulnerability in Spice affects PowerKVM
2018-06-18 01:38:03
ubuntu
ubuntu
Spice vulnerability
2017-07-19 00:00:00
prion
prion
Out-of-bounds
2017-07-18 15:29:00
mageia
mageia
Updated spice packages fix security vulnerability
2017-08-03 22:05:47
archlinux
archlinux
[ASA-201708-12] spice: arbitrary code execution
2017-08-14 00:00:00
debiancve
debiancve
CVE-2017-7506
2017-07-18 15:29:00
redhatcve
redhatcve
CVE-2017-7506
2017-07-11 07:19:24
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:26:17
redhat
redhat
(RHSA-2018:3522) Important: spice-server security update
2018-11-07 22:23:33