Описание
ELSA-2015-1715: spice-server security update (IMPORTANT)
[0.12.4-12.1]
- Avoid race conditions reading monitor configs from guest. This race could trigger memory corruption host-side Resolves: rhbz#1239124
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
spice-server
0.12.4-12.el6_7.1
spice-server-devel
0.12.4-12.el6_7.1
Связанные CVE
Связанные уязвимости
Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via unspecified vectors.
Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via unspecified vectors.
Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via unspecified vectors.
Race condition in the worker_update_monitors_config function in SPICE ...
Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via unspecified vectors.