Denial Of Service (DoS)

spice-server is vulnerable to denial of service. A heap-based buffer overflow flaw was found in the way spice handled certain QXL commands related to the "surfaceid" parameter. A user in a guest could use this flaw to crash the host QEMU-KVM process or, possibly, execute arbitrary code with the...

Security Bulletin: Vulnerability in spice affects IBM SmartCloud Provisioning for IBM Software Virtual Appliance (CVE-2015-5261, CVE-2015-5260)

Summary Vulnerability spice affects IBM SmartCloud Provisioning for IBM Software Virtual Appliance CVE-2015-5261, CVE-2015-5260. Vulnerability Details CVEID: CVE-2015-5261 DESCRIPTION: Red Hat spice is vulnerable to a heap-based buffer overflow. By sending specially crafted QXL command, a local...

MGASA-2016-0250 Updated spice packages fix security vulnerabilities

Updated spice packages fix security vulnerabilities: A memory allocation flaw, leading to a heap-based buffer overflow, was found in spice's smartcard interaction, which runs under the QEMU-KVM context on the host. A user connecting to a guest VM using spice could potentially use this flaw to cra...

openSUSE Security Update : spice (openSUSE-2016-824)

spice was updated to fix two security issues. These security issues were fixed : - CVE-2016-2150: SPICE allowed local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface parameters, a similar issue to CVE-2015-5261 boo982385. - CVE-2016-0749: The...

CVE-2016-0749

The smartcard interaction in SPICE allows remote attackers to cause a denial of service QEMU-KVM process crash or possibly execute arbitrary code via vectors related to connecting to a guest VM, which triggers a heap-based buffer overflow...