Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
spice project spice 0.12.4 |
||
redhat enterprise linux 6.0 |
||
redhat enterprise linux 7.0 |
||
redhat enterprise linux desktop 6.0 |
||
redhat enterprise linux desktop 7.0 |
||
redhat enterprise linux hpc node 6 |
||
redhat enterprise linux hpc node 7.0 |
||
redhat enterprise linux server 6.0 |
||
redhat enterprise linux server 7.0 |
||
redhat enterprise linux workstation 6.0 |
||
redhat enterprise linux workstation 7.0 |