Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2016:1559-1

Опубликовано: 13 июн. 2016
Источник: suse-cvrf

Описание

Security update for spice

spice was updated to fix four security issues.

These security issues were fixed:

  • CVE-2016-2150: Guest escape using crafted primary surface parameters (bsc#982386).
  • CVE-2016-0749: Heap-based buffer overflow in smartcard interaction (bsc#982385).
  • CVE-2015-5260: Insufficient validation of surface_id parameter could have caused a crash (bsc#944787).
  • CVE-2015-5261: Host memory access from guest using crafted images (bsc#948976).

Список пакетов

SUSE Linux Enterprise Desktop 12 SP1
libspice-server1-0.12.5-4.1
SUSE Linux Enterprise Server 12 SP1
libspice-server1-0.12.5-4.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
libspice-server1-0.12.5-4.1
SUSE Linux Enterprise Software Development Kit 12 SP1
libspice-server-devel-0.12.5-4.1

Ссылки

Описание

Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via QXL commands related to the surface_id parameter.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP1:libspice-server1-0.12.5-4.1
SUSE Linux Enterprise Server 12 SP1:libspice-server1-0.12.5-4.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1:libspice-server1-0.12.5-4.1
SUSE Linux Enterprise Software Development Kit 12 SP1:libspice-server-devel-0.12.5-4.1
Ссылки

Описание

Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to read and write to arbitrary memory locations on the host via guest QXL commands related to surface creation.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP1:libspice-server1-0.12.5-4.1
SUSE Linux Enterprise Server 12 SP1:libspice-server1-0.12.5-4.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1:libspice-server1-0.12.5-4.1
SUSE Linux Enterprise Software Development Kit 12 SP1:libspice-server-devel-0.12.5-4.1
Ссылки

Описание

The smartcard interaction in SPICE allows remote attackers to cause a denial of service (QEMU-KVM process crash) or possibly execute arbitrary code via vectors related to connecting to a guest VM, which triggers a heap-based buffer overflow.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP1:libspice-server1-0.12.5-4.1
SUSE Linux Enterprise Server 12 SP1:libspice-server1-0.12.5-4.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1:libspice-server1-0.12.5-4.1
SUSE Linux Enterprise Software Development Kit 12 SP1:libspice-server-devel-0.12.5-4.1
Ссылки

Описание

SPICE allows local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface parameters, a similar issue to CVE-2015-5261.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP1:libspice-server1-0.12.5-4.1
SUSE Linux Enterprise Server 12 SP1:libspice-server1-0.12.5-4.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1:libspice-server1-0.12.5-4.1
SUSE Linux Enterprise Software Development Kit 12 SP1:libspice-server-devel-0.12.5-4.1
Ссылки
Уязвимость SUSE-SU-2016:1559-1