Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2016-2150

Published: 9 June 2016

SPICE allows local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface parameters, a similar issue to CVE-2015-5261.

Priority

Medium

CVSS 3 base score: 7.1

Status

Package Release Status
spice
Launchpad, Ubuntu, Debian
precise Does not exist
(precise was needed)
trusty
Released (0.12.4-0nocelt2ubuntu1.3)
upstream Needs triage

wily
Released (0.12.5-1.1ubuntu2.1)
xenial
Released (0.12.6-4ubuntu0.1)
yakkety
Released (0.12.6-4ubuntu1)
zesty
Released (0.12.6-4ubuntu1)