Lucene search
Veracode Vulnerability DatabaseVERACODE:24148HistoryApr 10, 2020 - 12:47 a.m.
Denial Of Service (DoS)
2020-04-1000:47:39
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
EPSS
0.001
Percentile
20.8%
The Simple Protocol for Independent Computing Environments (SPICE) is vulnerable to Denial Of Service (DoS). It was found that the libspice component of QEMU-KVM on the host did not validate all pointers provided from a guest system’s QXL graphics card driver. A privileged guest user could use this flaw to cause the host to dereference an invalid pointer, causing the guest to crash (denial of service) or, possibly, resulting in the privileged guest user escalating their privileges on the host.
Related
prion
prion
Null pointer dereference
2010-08-24 18:00:00
cvelist
cvelist
CVE-2010-0428
2010-08-24 17:00:00
cve
cve
CVE-2010-0428
2010-08-24 18:00:01
debiancve
debiancve
CVE-2010-0428
2010-08-24 18:00:01
nvd
nvd
CVE-2010-0428
2010-08-24 18:00:01
redhat
redhat
(RHSA-2010:0633) Important: qspice security update
2010-08-19 00:00:00
(RHSA-2010:0622) Important: rhev-hypervisor security and bug fix update
2010-08-19 00:00:00
nessus
nessus
RHEL 5 : qspice (RHSA-2010:0633)
2013-01-24 00:00:00
Scientific Linux Security Update : qspice on SL5.x x86_64
2012-08-01 00:00:00
CentOS 5 : qspice (CESA-2010:0633)
2010-08-29 00:00:00
openvas
openvas
Oracle: Security Advisory (ELSA-2010-0633)
2015-10-06 00:00:00
centos
centos
qspice security update
2010-08-27 15:12:31
oraclelinux
oraclelinux
qspice security update
2010-08-19 00:00:00