Race condition in worker_update_monitors_config function in SPICE 0.12.4 allows remote authenticated guest user to cause denial of service or execute arbitrary code on host

Race condition in worker_update_monitors_config function in SPICE 0.12.4 allows remote authenticated guest user to cause denial of service or execute arbitrary code on host

CVE-2015-3247 · MEDIUM Severity

AV:L/AC:M/AU:N/C:C/I:C/A:C

Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via unspecified vectors.

Learn more about our User Device Pen Test.