(RHSA-2019:0231) Important: spice security update

2019-01-31T22:03:18
ID RHSA-2019:0231
Type redhat
Reporter RedHat
Modified 2019-01-31T22:07:47

Description

The Simple Protocol for Independent Computing Environments (SPICE) is a remote display system built for virtual environments which allows the user to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures.

Security Fix(es):

  • spice: Off-by-one error in array access in spice/server/memslot.c (CVE-2019-3813)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

This issue was discovered by Christophe Fergeau (Red Hat).