Denial Of Service (DoS)

spice-server is vulnerable to denial of service. A memory allocation flaw, leading to a heap-based buffer overflow, was found in spice's smartcard interaction, which runs under the QEMU-KVM context on the host. A user connecting to a guest VM using spice could potentially use this flaw to crash t...

Updated spice packages fix security vulnerabilities

Updated spice packages fix security vulnerabilities: A memory allocation flaw, leading to a heap-based buffer overflow, was found in spice's smartcard interaction, which runs under the QEMU-KVM context on the host. A user connecting to a guest VM using spice could potentially use this flaw to cra...

SUSE SLED12 / SLES12 Security Update : spice (SUSE-SU-2016:1561-1)

spice was updated to fix two security issues. These security issues were fixed : - CVE-2016-2150: Guest escape using crafted primary surface parameters bsc982386. - CVE-2016-0749: Heap-based buffer overflow in smartcard interaction bsc982385. Note that Tenable Network Security has extracted the...

SUSE-SU-2016:1561-1 Security update for spice

spice was updated to fix two security issues. These security issues were fixed: - CVE-2016-2150: Guest escape using crafted primary surface parameters bsc982386. - CVE-2016-0749: Heap-based buffer overflow in smartcard interaction bsc982385...

CVE-2016-0749

The smartcard interaction in SPICE allows remote attackers to cause a denial of service QEMU-KVM process crash or possibly execute arbitrary code via vectors related to connecting to a guest VM, which triggers a heap-based buffer overflow...

CVE-2016-0749

The smartcard interaction in SPICE allows remote attackers to cause a denial of service QEMU-KVM process crash or possibly execute arbitrary code via vectors related to connecting to a guest VM, which triggers a heap-based buffer overflow...

CentOS Update for spice-server CESA-2016:1204 centos6

Check the version of spice-server SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882501";...

spice security update

CentOS Errata and Security Advisory CESA-2016:1204 An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

Debian: Security Advisory (DSA-3596-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...