CVE-2016-9578

Priority
Description
A vulnerability was discovered in SPICE before 0.13.90 in the server's
protocol handling. An attacker able to connect to the SPICE server could
send crafted messages which would cause the process to crash.
Assigned-to
mdeslaur
Notes
Package
Source: spice (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needed)
Ubuntu 14.04 ESM (Trusty Tahr):released (0.12.4-0nocelt2ubuntu1.4)
Ubuntu 16.04 LTS (Xenial Xerus):released (0.12.6-4ubuntu0.2)
Patches:
Upstream:https://cgit.freedesktop.org/spice/spice/commit/?h=0.12&id=1c6517973095a67c8cb57f3550fc1298404ab556
Upstream:https://cgit.freedesktop.org/spice/spice/commit/?h=0.12&id=f66dc643635518e53dfbe5262f814a64eec54e4a
More Information

Updated: 2020-09-10 05:33:24 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)