Heap-based Buffer Overflow in SPICE Allows Arbitrary Code Execution via QXL Commands

Heap-based Buffer Overflow in SPICE Allows Arbitrary Code Execution via QXL Commands

CVE-2015-5260 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via QXL commands related to the surface_id parameter.

Learn more about our Attack Surface Assessment.