vulnerability

Oracle Linux: CVE-2018-10893: ELSA-2019-2229: spice-gtk security and bug fix update (MODERATE) (Multiple Advisories)

Try Surface Command
Back to search
Severity
7
CVSS
(AV:N/AC:L/Au:S/C:P/I:P/A:P)
Published
Jun 25, 2018
Added
Feb 12, 2020
Modified
Dec 3, 2025

Description

Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A malicious server could cause the client to crash or, potentially, execute arbitrary code.

Solutions

oracle-linux-upgrade-libgovirtoracle-linux-upgrade-libgovirt-develoracle-linux-upgrade-spice-gliboracle-linux-upgrade-spice-glib-develoracle-linux-upgrade-spice-gtkoracle-linux-upgrade-spice-gtk3oracle-linux-upgrade-spice-gtk3-develoracle-linux-upgrade-spice-gtk3-valaoracle-linux-upgrade-spice-gtk-develoracle-linux-upgrade-spice-gtk-pythonoracle-linux-upgrade-spice-gtk-toolsoracle-linux-upgrade-spice-vdagentoracle-linux-upgrade-virt-viewer

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today