DEBIAN-CVE-2016-2150

SPICE allows local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface parameters, a similar issue to CVE-2015-5261...

CVE-2016-2150

CVE-2016-2150 affects SPICE: a memory access flaw in handling crafted primary surface parameters allows a local guest OS user to read from or write to host memory. Root cause: improper handling of primary surface parameters in SPICE. Impact: confidentiality and integrity of host memory are HIGH, ...

CVE-2016-2150

SPICE allows local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface parameters, a similar issue to CVE-2015-5261...

UBUNTU-CVE-2016-2150

SPICE allows local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface parameters, a similar issue to CVE-2015-5261...

spice security update

CentOS Errata and Security Advisory CESA-2016:1204 An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

spice: Host memory access from guest with invalid primary surface parameters

A memory access flaw was found in the way spice handled certain guests using crafted primary surface parameters. A user in a guest could use this flaw to read from and write to arbitrary memory locations on the host...

spice-server security update

0.12.4-13.1 - Fix heap-based memory corruption within smartcard handling Resolves: CVE-2016-0749 - Fix host memory access from guest with invalid primary surface parameters Resolves: CVE-2016-2150...