Debian Security Advisory
DSA-3354-1 spice -- security update
- Date Reported:
- 08 Sep 2015
- Affected Packages:
- Security database references:
- In the Debian bugtracking system: Bug 797976.
In Mitre's CVE dictionary: CVE-2015-3247.
- More information:
Frediano Ziglio of Red Hat discovered a race condition flaw in spice's worker_update_monitors_config() function, leading to a heap-based memory corruption. A malicious user in a guest can take advantage of this flaw to cause a denial of service (QEMU process crash) or, potentially execute arbitrary code on the host with the privileges of the hosting QEMU process.
For the stable distribution (jessie), this problem has been fixed in version 0.12.5-1+deb8u1.
For the unstable distribution (sid), this problem has been fixed in version 0.12.5-1.2.
We recommend that you upgrade your spice packages.