Red Hat Security Advisory 2019-0457-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include an off-by-one error.
05240ca35ab0884fd7a25fa142af88cdf00b81ed1453000b8a98e0494394002b
Red Hat Security Advisory 2019-0231-01 - The Simple Protocol for Independent Computing Environments is a remote display system built for virtual environments which allows the user to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. Issues addressed include an off-by-one error.
7d6ae7f9db2dbef1c0230d17826701cf08e76873ca847339dabf4b152c8d36cd
Red Hat Security Advisory 2019-0232-01 - The Simple Protocol for Independent Computing Environments is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine hypervisor or on Red Hat Enterprise Virtualization Hypervisors. Issues addressed include an off-by-one error.
d09f0a0488731b09d6e56b80cd725749619a0d9a28bdc1c4b130959e3f76b6c0
Debian Linux Security Advisory 4375-1 - Christophe Fergeau discovered an out-of-bounds read vulnerability in spice, a SPICE protocol client and server library, which might result in denial of service (spice server crash), or possibly, execution of arbitrary code.
2fefc99471bde1e9874b533008268cea08d397a084f2b10977898a4ddcdaa27b
Ubuntu Security Notice 3870-1 - Christophe Fergeau discovered that Spice incorrectly handled memory. A remote attacker could use this to cause Spice to crash, resulting in a denial of service, or possibly execute arbitrary code.
75b3b84236b60b3458a63a5f717cbd80617cbb119d28df06110534f0ab7a42d0