Описание
Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via QXL commands related to the surface_id parameter.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 0.12.5-1.1ubuntu2 |
| esm-infra-legacy/trusty | not-affected | 0.12.4-0nocelt2ubuntu1.2 |
| esm-infra/xenial | not-affected | 0.12.5-1.1ubuntu2 |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| trusty | released | 0.12.4-0nocelt2ubuntu1.2 |
| trusty/esm | not-affected | 0.12.4-0nocelt2ubuntu1.2 |
| upstream | needs-triage | |
| vivid | released | 0.12.5-1ubuntu0.2 |
| vivid/stable-phone-overlay | DNE |
Показывать по
EPSS
7.2 High
CVSS2
7.8 High
CVSS3
Связанные уязвимости
Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via QXL commands related to the surface_id parameter.
Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via QXL commands related to the surface_id parameter.
Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS user ...
Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via QXL commands related to the surface_id parameter.
EPSS
7.2 High
CVSS2
7.8 High
CVSS3