ALT-PU-2014-1677-1
Closed vulnerabilities
Published: 2015-09-08
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-3247
Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via unspecified vectors.
References:
- [Spice-devel] 20151006 Announcing spice 0.12.6
- [Spice-devel] 20151006 Announcing spice 0.12.6
- openSUSE-SU-2015:1566
- openSUSE-SU-2015:1566
- RHSA-2015:1713
- RHSA-2015:1713
- RHSA-2015:1714
- RHSA-2015:1714
- RHSA-2015:1715
- RHSA-2015:1715
- DSA-3354
- DSA-3354
- 1033459
- 1033459
- 1033460
- 1033460
- 1033753
- 1033753
- USN-2736-1
- USN-2736-1