CVE-2015-5261
Published: 6 October 2015
Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to read and write to arbitrary memory locations on the host via guest QXL commands related to surface creation.
Priority
Status
Package | Release | Status |
---|---|---|
spice (Launchpad, Ubuntu, Debian) | precise | Ignored (end of life) |
 | trusty | Released (0.12.4-0nocelt2ubuntu1.2) |
 | upstream | Needs triage |
 | vivid | Released (0.12.5-1ubuntu0.2) |
 | wily | Released (0.12.5-1.1ubuntu2) |
 | xenial | Released (0.12.5-1.1ubuntu2) |
 | yakkety | Released (0.12.5-1.1ubuntu2) |
 | zesty | Released (0.12.5-1.1ubuntu2) |
Severity score breakdown
Parameter | Value |
---|---|
Base score | 7.1 |
Attack vector | Local |
Attack complexity | Low |
Privileges required | Low |
User interaction | None |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | High |
Availability impact | None |
Vector | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N |