AVG-866

Package spice
Status Fixed
Severity Critical
Type arbitrary code execution
Affected 0.14.0-2
Fixed 0.14.0-3
Current 0.14.0-3 [extra]
Ticket FS#61650
Created Wed Feb 6 12:10:27 2019
Issue Severity Remote Type Description
CVE-2019-3813 Critical Yes Arbitrary code execution
Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of- bounds read due to an off-by-one error in memslot_get_virt. This may lead to a denial of...
Date Advisory Package Description
11 Feb 2019 ASA-201902-4 spice arbitrary code execution