Denial Of Service (DoS)
spice-server is vulnerable to denial of service. A heap-based buffer overflow flaw was found in the way spice handled certain QXL commands related to the "surfaceid" parameter. A user in a guest could use this flaw to crash the host QEMU-KVM process or, possibly, execute arbitrary code with the...