VDB

GCVE-110-MAGEIA-2015-373

GCVE-110-MAGEIA-2015-373
Advisory Published
Vulnetix · Advisory published September 15, 2015
Updated spice packages fix security vulnerability: A race condition flaw, leading to a heap-based memory corruption, was found in spice's worker_update_monitors_config() function, which runs under the QEMU-KVM context on the host. A user in a guest could leverage this flaw to crash the host QEMU-KVM process or, possibly, execute arbitrary code with the privileges of the host QEMU-KVM process (CVE-2015-3247).

Affected Products

VendorProductVersionsPlatforms
Mageiaspice0 (affected), 0.12.5-2.1.mga5 (unaffected)
Mageiaspice0 (affected), 0.12.4-4.1.mga4 (unaffected)

Browse GCVE Records

73,685 records in the GCVE database · Updated July 18, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›