Test Kennung:	1.3.6.1.4.1.25623.1.0.130018
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2015-0373)
Zusammenfassung:	The remote host is missing an update for the 'spice' package(s) announced via the MGASA-2015-0373 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'spice' package(s) announced via the MGASA-2015-0373 advisory. Vulnerability Insight: Updated spice packages fix security vulnerability: A race condition flaw, leading to a heap-based memory corruption, was found in spice's worker_update_monitors_config() function, which runs under the QEMU-KVM context on the host. A user in a guest could leverage this flaw to crash the host QEMU-KVM process or, possibly, execute arbitrary code with the privileges of the host QEMU-KVM process (CVE-2015-3247). Affected Software/OS: 'spice' package(s) on Mageia 4, Mageia 5. Solution: Please install the updated package(s). CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2015-3247 1033459 http://www.securitytracker.com/id/1033459 1033460 http://www.securitytracker.com/id/1033460 1033753 http://www.securitytracker.com/id/1033753 DSA-3354 http://www.debian.org/security/2015/dsa-3354 RHSA-2015:1713 http://rhn.redhat.com/errata/RHSA-2015-1713.html RHSA-2015:1714 http://rhn.redhat.com/errata/RHSA-2015-1714.html RHSA-2015:1715 http://rhn.redhat.com/errata/RHSA-2015-1715.html USN-2736-1 http://www.ubuntu.com/usn/USN-2736-1 [Spice-devel] 20151006 Announcing spice 0.12.6 http://lists.freedesktop.org/archives/spice-devel/2015-October/022191.html openSUSE-SU-2015:1566 http://lists.opensuse.org/opensuse-updates/2015-09/msg00018.html
Copyright	Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.