Total vulnerabilities in the database
The smartcard interaction in SPICE allows remote attackers to cause a denial of service (QEMU-KVM process crash) or possibly execute arbitrary code via vectors related to connecting to a guest VM, which triggers a heap-based buffer overflow.
| Software | From | Fixed in |
|---|---|---|
| opensuse / leap | 42.1 | 42.1.x |
| opensuse / opensuse | 13.2 | 13.2.x |
| debian / debian_linux | 8.0 | 8.0.x |
| redhat / enterprise_linux | 6.0 | 6.0.x |
| redhat / enterprise_linux_desktop | 6.0 | 6.0.x |
| redhat / enterprise_linux_server | 6.0 | 6.0.x |
| redhat / enterprise_linux_workstation | 6.0 | 6.0.x |
| redhat / enterprise_linux | 7.0 | 7.0.x |
| redhat / enterprise_linux_desktop | 7.0 | 7.0.x |
| redhat / enterprise_linux_hpc_node_eus | 7.2 | 7.2.x |
| redhat / enterprise_linux_server | 7.0 | 7.0.x |
| redhat / enterprise_linux_server_aus | 7.2 | 7.2.x |
| redhat / enterprise_linux_server_eus | 7.2 | 7.2.x |
| redhat / enterprise_linux_workstation | 7.0 | 7.0.x |