Frediano Ziglio of Red Hat discovered a race condition flaw in spice's worker_update_monitors_config() function, leading to a heap-based memory corruption. A malicious user in a guest can take advantage of this flaw to cause a denial of service (QEMU process crash) or, potentially execute arbitrary code on the host with the privileges of the hosting QEMU process. For the stable distribution (jessie), this problem has been fixed in version 0.12.5-1+deb8u1. For the unstable distribution (sid), this problem has been fixed in version 0.12.5-1.2. We recommend that you upgrade your spice packages.
Frediano Ziglio of Red Hat discovered a race condition flaw in spice's worker_update_monitors_config() function, leading to a heap-based memory corruption. A malicious user in a guest can take advantage of this flaw to cause a denial of service (QEMU process crash) or, potentially execute arbitrary code on the host with the privileges of the hosting QEMU process.
For the stable distribution (jessie), this problem has been fixed in version 0.12.5-1+deb8u1.
For the unstable distribution (sid), this problem has been fixed in version 0.12.5-1.2.
We recommend that you upgrade your spice packages.