[3.3] spice: memory corruption in worker_update_monitors_config() (CVE-2015-3247)
Race condition in the worker_update_monitors_config function in SPICE
allows a remote authenticated guest user to cause a denial of service (heap-based memory corruption and QEMU-KVM crash)
or possibly execute arbitrary code on the host via unspecified vectors.
(0.12.5 is also vulnerable)
(from redmine: issue id 4672, created on 2015-09-29, closed on 2015-10-14)
- Revision a8876452 by Natanael Copa on 2015-10-13T09:01:43Z:
main/spice: security upgrade to 0.12.6 CVE-2015-3247 CVE-2015-5260 CVE-2015-5261 ref #4670 fixes #4672 ref #4762 fixes #4763