Описание
Security update for spice
Spice was updated to fix three security issues.
The following vulnerabilities were fixed:
- CVE-2015-3247: heap corruption in the spice server (bsc#944460)
- CVE-2015-5261: Guest could have accessed host memory using crafted images (bsc#948976)
- CVE-2015-5260: Insufficient validation of surface_id parameter could have caused a crash (bsc#944787)
Список пакетов
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server for SAP Applications 11 SP4
SUSE Linux Enterprise Software Development Kit 11 SP4
Ссылки
- Link for SUSE-SU-2016:1259-1
- E-Mail link for SUSE-SU-2016:1259-1
- SUSE Security Ratings
- SUSE Bug 944460
- SUSE Bug 944787
- SUSE Bug 948976
- SUSE CVE CVE-2015-3247 page
- SUSE CVE CVE-2015-5260 page
- SUSE CVE CVE-2015-5261 page
Описание
Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via unspecified vectors.
Затронутые продукты
Ссылки
- CVE-2015-3247
- SUSE Bug 944460
Описание
Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via QXL commands related to the surface_id parameter.
Затронутые продукты
Ссылки
- CVE-2015-5260
- SUSE Bug 944787
Описание
Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to read and write to arbitrary memory locations on the host via guest QXL commands related to surface creation.
Затронутые продукты
Ссылки
- CVE-2015-5261
- SUSE Bug 948976
- SUSE Bug 982386