| Revision Date: | 2014-02-17 | Version: | 11 |
| Title: | RHSA-2013:1192: spice-server security update (Moderate) |
| Description: | The (1) red_channel_pipes_add_type and (2) red_channel_pipes_add_empty_msg functions in server/red_channel.c in SPICE before 0.12.4 do not properly perform ring loops, which might allow remote attackers to cause a denial of service (reachable assertion and server exit) by triggering a network error. |
| Family: | unix | Class: | patch |
| Status: | ACCEPTED | Reference(s): | CESA-2013:1192
CVE-2013-4130
RHSA-2013:1192-00
|
| Platform(s): | CentOS Linux 6
Red Hat Enterprise Linux 6
| Product(s): | spice-server
|
| Definition Synopsis |
| Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6
OR The operating system installed on the system is CentOS Linux 6.x
AND Packages section
spice-server is earlier than 0:0.12.0-12.el6_4.3
OR spice-server-devel is earlier than 0:0.12.0-12.el6_4.3
|