Frediano Ziglio discovered that Spice incorrectly handled certain invalid monitor configurations. A remote attacker could use this issue to cause Spice to crash, resulting in a denial of service, or possibly execute arbitrary code.
{ "availability": "No subscription required", "binaries": [ { "binary_version": "0.12.4-0nocelt2ubuntu1.5", "binary_name": "libspice-server-dev" }, { "binary_version": "0.12.4-0nocelt2ubuntu1.5", "binary_name": "libspice-server1" }, { "binary_version": "0.12.4-0nocelt2ubuntu1.5", "binary_name": "libspice-server1-dbgsym" }, { "binary_version": "0.12.4-0nocelt2ubuntu1.5", "binary_name": "spice-client" }, { "binary_version": "0.12.4-0nocelt2ubuntu1.5", "binary_name": "spice-client-dbgsym" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_version": "0.12.6-4ubuntu0.3", "binary_name": "libspice-server-dev" }, { "binary_version": "0.12.6-4ubuntu0.3", "binary_name": "libspice-server-dev-dbgsym" }, { "binary_version": "0.12.6-4ubuntu0.3", "binary_name": "libspice-server1" }, { "binary_version": "0.12.6-4ubuntu0.3", "binary_name": "libspice-server1-dbg" }, { "binary_version": "0.12.6-4ubuntu0.3", "binary_name": "libspice-server1-dbgsym" } ] }