The smartcard interaction in SPICE allows remote attackers to cause a denial of service (QEMU-KVM process crash) or possibly execute arbitrary code via vectors related to connecting to a guest VM, which triggers a heap-based buffer overflow.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2016-06-09T16:00:00

Updated: 2024-08-05T22:30:03.963Z

Reserved: 2015-12-16T00:00:00

Link: CVE-2016-0749

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2016-06-09T16:59:00.127

Modified: 2024-11-21T02:42:18.057

Link: CVE-2016-0749

cve-icon Redhat

Severity : Important

Publid Date: 2016-06-06T00:00:00Z

Links: CVE-2016-0749 - Bugzilla