Описание
ELSA-2013-1192: spice-server security update (MODERATE)
[0.12.0-12.el6_4.3]
- Fixes an abort on unsafe client ring access Resolves: rhbz#986298
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
spice-server
0.12.0-12.el6_4.3
spice-server-devel
0.12.0-12.el6_4.3
Связанные CVE
Связанные уязвимости
The (1) red_channel_pipes_add_type and (2) red_channel_pipes_add_empty_msg functions in server/red_channel.c in SPICE before 0.12.4 do not properly perform ring loops, which might allow remote attackers to cause a denial of service (reachable assertion and server exit) by triggering a network error.
The (1) red_channel_pipes_add_type and (2) red_channel_pipes_add_empty_msg functions in server/red_channel.c in SPICE before 0.12.4 do not properly perform ring loops, which might allow remote attackers to cause a denial of service (reachable assertion and server exit) by triggering a network error.
The (1) red_channel_pipes_add_type and (2) red_channel_pipes_add_empty_msg functions in server/red_channel.c in SPICE before 0.12.4 do not properly perform ring loops, which might allow remote attackers to cause a denial of service (reachable assertion and server exit) by triggering a network error.
The (1) red_channel_pipes_add_type and (2) red_channel_pipes_add_empty ...
The (1) red_channel_pipes_add_type and (2) red_channel_pipes_add_empty_msg functions in server/red_channel.c in SPICE before 0.12.4 do not properly perform ring loops, which might allow remote attackers to cause a denial of service (reachable assertion and server exit) by triggering a network error.