 
| Subject: | |
| From: | |
| Reply To: | |
| Date: | Fri, 20 Aug 2010 14:17:51 -0500 |
| Content-Type: | text/plain |
| Parts/Attachments: |
|
|
Synopsis: Important: qspice security update
Issue date: 2010-08-19
CVE Names: CVE-2010-0428 CVE-2010-0429
It was found that the libspice component of QEMU-KVM on the host did not
validate all pointers provided from a guest system's QXL graphics card
driver. A privileged guest user could use this flaw to cause the host to
dereference an invalid pointer, causing the guest to crash (denial of
service) or, possibly, resulting in the privileged guest user escalating
their privileges on the host. (CVE-2010-0428)
It was found that the libspice component of QEMU-KVM on the host could
be forced to perform certain memory management operations on memory
addresses controlled by a guest. A privileged guest user could use this
flaw to crash the guest (denial of service) or, possibly, escalate their
privileges on the host. (CVE-2010-0429)
SL 5.x
SRPMS:
qspice-0.3.0-54.el5_5.2.src.rpm
x86_64:
qspice-0.3.0-54.el5_5.2.x86_64.rpm
qspice-libs-0.3.0-54.el5_5.2.x86_64.rpm
qspice-libs-devel-0.3.0-54.el5_5.2.x86_64.rpm
-Connie Sieh
-Troy Dawson
|
|
|
