CVE-2015-5261
CVE-2015-5261
Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to read and write to arbitrary memory locations on the host via guest QXL commands related to surface creation.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://lists.freedesktop.org/archives/spice-devel/2015-October/022191.htmlhttp://rhn.redhat.com/errata/RHSA-2015-1889.htmlhttp://rhn.redhat.com/errata/RHSA-2015-1890.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=1261889https://security.gentoo.org/glsa/201606-05http://www.debian.org/security/2015/dsa-3371http://www.openwall.com/lists/oss-security/2015/10/06/4http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.htmlhttp://www.securitytracker.com/id/1033753http://www.ubuntu.com/usn/USN-2766-1