Описание
ELSA-2019-0231: spice security update (IMPORTANT)
[0.14.0-6.0.2.1]
- Add ARM support
[0.14.0-6.1]
- Fix off-by-one error during guest-to-host memory address conversion Resolves: CVE-2019-3813
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
spice-server
0.14.0-6.0.2.el7_6.1
spice-server-devel
0.14.0-6.0.2.el7_6.1
Oracle Linux x86_64
spice-server
0.14.0-6.el7_6.1
spice-server-devel
0.14.0-6.el7_6.1
Связанные CVE
Связанные уязвимости
Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt. This may lead to a denial of service, or, in the worst case, code-execution by unauthenticated attackers.
Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt. This may lead to a denial of service, or, in the worst case, code-execution by unauthenticated attackers.
Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt. This may lead to a denial of service, or, in the worst case, code-execution by unauthenticated attackers.
Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-boun ...
