spice is vulnerable to denial of service. An authenticated attacker is able to crash the application via invalid monitor configurations. This is due to an out-of-bounds memory access when processing malicious messages.
www.debian.org/security/2017/dsa-3907
www.openwall.com/lists/oss-security/2017/07/14/1
www.securityfocus.com/bid/99583
access.redhat.com/errata/RHBA-2017:2529
access.redhat.com/errata/RHSA-2017:2471
access.redhat.com/errata/RHSA-2018:3522
access.redhat.com/security/cve/CVE-2017-7506
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=1452606