Scientific Linux Security Update : spice on SL7.x x86_64
Medium Nessus Plugin ID 102672
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionSecurity Fix(es) :
- A vulnerability was discovered in spice server's protocol handling. An authenticated attacker could send specially crafted messages to the spice server, causing out-of-bounds memory accesses, leading to parts of server memory being leaked or a crash. (CVE-2017-7506)
This issue was discovered by Frediano Ziglio (Red Hat).
SolutionUpdate the affected spice-debuginfo, spice-server and / or spice-server-devel packages.