Red Hat Product Errata RHSA-2015:1715 - Security Advisory
Issued:
2015-09-03
Updated:
2015-09-03

RHSA-2015:1715 - Security Advisory

Synopsis

Important: spice-server security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An updated spice-server package that fixes one security issue is now
available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having Important security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.

Description

The Simple Protocol for Independent Computing Environments (SPICE) is a
remote display protocol for virtual environments. SPICE users can access a
virtualized desktop or server from the local system or any system with
network access to the server. SPICE is used in Red Hat Enterprise Linux for
viewing virtualized guests running on the Kernel-based Virtual Machine
(KVM) hypervisor or on Red Hat Enterprise Virtualization Hypervisors.

A race condition flaw, leading to a heap-based memory corruption, was found
in spice's worker_update_monitors_config() function, which runs under the
QEMU-KVM context on the host. A user in a guest could leverage this flaw to
crash the host QEMU-KVM process or, possibly, execute arbitrary code with
the privileges of the host QEMU-KVM process. (CVE-2015-3247)

This issue was discovered by Frediano Ziglio of Red Hat.

All spice-server users are advised to upgrade to this updated package,
which contains a backported patch to correct this issue.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server 6 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 6.7 x86_64
  • Red Hat Enterprise Linux Workstation 6 x86_64
  • Red Hat Enterprise Linux Desktop 6 x86_64
  • Red Hat Enterprise Linux for Scientific Computing 6 x86_64
  • Red Hat Enterprise Linux Server from RHUI 6 x86_64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 x86_64
  • Red Hat Enterprise Linux for SAP Solutions for x86_64 - Extended Update Support 6.7 x86_64
  • Red Hat Enterprise Linux Server - Extended Update Support from RHUI 6.7 x86_64
  • Red Hat Enterprise Linux EUS Compute Node 6.7 x86_64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 x86_64

Fixes

  • BZ - 1233238 - CVE-2015-3247 spice: memory corruption in worker_update_monitors_config()

Red Hat Enterprise Linux Server 6

SRPM
spice-server-0.12.4-12.el6_7.1.src.rpm SHA-256: f8220defb754c7b24255389e89eb02947ce68a843b18cbbbd091fc76f9145339
x86_64
spice-server-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: 7199da3475b8fad704645ccb80a235d3528309e23fbfc1d0cbc02a2c1fadb260
spice-server-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: 7199da3475b8fad704645ccb80a235d3528309e23fbfc1d0cbc02a2c1fadb260
spice-server-debuginfo-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: a993f2b7f1d124a95e6268086c5e402c7d1ca5df2ae8411fb5cc917f621acf77
spice-server-debuginfo-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: a993f2b7f1d124a95e6268086c5e402c7d1ca5df2ae8411fb5cc917f621acf77
spice-server-debuginfo-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: a993f2b7f1d124a95e6268086c5e402c7d1ca5df2ae8411fb5cc917f621acf77
spice-server-devel-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: ccbc483b5afe8a5c77bc34fb11b801deb08f7495f81dc228079af0ef01eee082
spice-server-devel-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: ccbc483b5afe8a5c77bc34fb11b801deb08f7495f81dc228079af0ef01eee082

Red Hat Enterprise Linux for x86_64 - Extended Update Support 6.7

SRPM
spice-server-0.12.4-12.el6_7.1.src.rpm SHA-256: f8220defb754c7b24255389e89eb02947ce68a843b18cbbbd091fc76f9145339
x86_64
spice-server-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: 7199da3475b8fad704645ccb80a235d3528309e23fbfc1d0cbc02a2c1fadb260
spice-server-debuginfo-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: a993f2b7f1d124a95e6268086c5e402c7d1ca5df2ae8411fb5cc917f621acf77
spice-server-debuginfo-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: a993f2b7f1d124a95e6268086c5e402c7d1ca5df2ae8411fb5cc917f621acf77
spice-server-devel-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: ccbc483b5afe8a5c77bc34fb11b801deb08f7495f81dc228079af0ef01eee082

Red Hat Enterprise Linux Server - Extended Life Cycle Support 6

SRPM
spice-server-0.12.4-12.el6_7.1.src.rpm SHA-256: f8220defb754c7b24255389e89eb02947ce68a843b18cbbbd091fc76f9145339
x86_64
spice-server-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: 7199da3475b8fad704645ccb80a235d3528309e23fbfc1d0cbc02a2c1fadb260
spice-server-debuginfo-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: a993f2b7f1d124a95e6268086c5e402c7d1ca5df2ae8411fb5cc917f621acf77
spice-server-debuginfo-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: a993f2b7f1d124a95e6268086c5e402c7d1ca5df2ae8411fb5cc917f621acf77
spice-server-devel-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: ccbc483b5afe8a5c77bc34fb11b801deb08f7495f81dc228079af0ef01eee082

Red Hat Enterprise Linux Workstation 6

SRPM
spice-server-0.12.4-12.el6_7.1.src.rpm SHA-256: f8220defb754c7b24255389e89eb02947ce68a843b18cbbbd091fc76f9145339
x86_64
spice-server-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: 7199da3475b8fad704645ccb80a235d3528309e23fbfc1d0cbc02a2c1fadb260
spice-server-debuginfo-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: a993f2b7f1d124a95e6268086c5e402c7d1ca5df2ae8411fb5cc917f621acf77
spice-server-debuginfo-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: a993f2b7f1d124a95e6268086c5e402c7d1ca5df2ae8411fb5cc917f621acf77
spice-server-devel-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: ccbc483b5afe8a5c77bc34fb11b801deb08f7495f81dc228079af0ef01eee082

Red Hat Enterprise Linux Desktop 6

SRPM
spice-server-0.12.4-12.el6_7.1.src.rpm SHA-256: f8220defb754c7b24255389e89eb02947ce68a843b18cbbbd091fc76f9145339
x86_64
spice-server-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: 7199da3475b8fad704645ccb80a235d3528309e23fbfc1d0cbc02a2c1fadb260
spice-server-debuginfo-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: a993f2b7f1d124a95e6268086c5e402c7d1ca5df2ae8411fb5cc917f621acf77
spice-server-debuginfo-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: a993f2b7f1d124a95e6268086c5e402c7d1ca5df2ae8411fb5cc917f621acf77
spice-server-devel-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: ccbc483b5afe8a5c77bc34fb11b801deb08f7495f81dc228079af0ef01eee082

Red Hat Enterprise Linux for Scientific Computing 6

SRPM
spice-server-0.12.4-12.el6_7.1.src.rpm SHA-256: f8220defb754c7b24255389e89eb02947ce68a843b18cbbbd091fc76f9145339
x86_64
spice-server-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: 7199da3475b8fad704645ccb80a235d3528309e23fbfc1d0cbc02a2c1fadb260
spice-server-debuginfo-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: a993f2b7f1d124a95e6268086c5e402c7d1ca5df2ae8411fb5cc917f621acf77
spice-server-debuginfo-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: a993f2b7f1d124a95e6268086c5e402c7d1ca5df2ae8411fb5cc917f621acf77
spice-server-devel-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: ccbc483b5afe8a5c77bc34fb11b801deb08f7495f81dc228079af0ef01eee082

Red Hat Enterprise Linux Server from RHUI 6

SRPM
spice-server-0.12.4-12.el6_7.1.src.rpm SHA-256: f8220defb754c7b24255389e89eb02947ce68a843b18cbbbd091fc76f9145339
x86_64
spice-server-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: 7199da3475b8fad704645ccb80a235d3528309e23fbfc1d0cbc02a2c1fadb260
spice-server-debuginfo-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: a993f2b7f1d124a95e6268086c5e402c7d1ca5df2ae8411fb5cc917f621acf77
spice-server-debuginfo-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: a993f2b7f1d124a95e6268086c5e402c7d1ca5df2ae8411fb5cc917f621acf77
spice-server-devel-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: ccbc483b5afe8a5c77bc34fb11b801deb08f7495f81dc228079af0ef01eee082

Red Hat Enterprise Linux for SAP Solutions for x86_64 - Extended Update Support 6.7

SRPM
spice-server-0.12.4-12.el6_7.1.src.rpm SHA-256: f8220defb754c7b24255389e89eb02947ce68a843b18cbbbd091fc76f9145339
x86_64
spice-server-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: 7199da3475b8fad704645ccb80a235d3528309e23fbfc1d0cbc02a2c1fadb260
spice-server-debuginfo-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: a993f2b7f1d124a95e6268086c5e402c7d1ca5df2ae8411fb5cc917f621acf77

Red Hat Enterprise Linux Server - Extended Update Support from RHUI 6.7

SRPM
spice-server-0.12.4-12.el6_7.1.src.rpm SHA-256: f8220defb754c7b24255389e89eb02947ce68a843b18cbbbd091fc76f9145339
x86_64
spice-server-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: 7199da3475b8fad704645ccb80a235d3528309e23fbfc1d0cbc02a2c1fadb260
spice-server-debuginfo-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: a993f2b7f1d124a95e6268086c5e402c7d1ca5df2ae8411fb5cc917f621acf77

Red Hat Enterprise Linux EUS Compute Node 6.7

SRPM
spice-server-0.12.4-12.el6_7.1.src.rpm SHA-256: f8220defb754c7b24255389e89eb02947ce68a843b18cbbbd091fc76f9145339
x86_64
spice-server-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: 7199da3475b8fad704645ccb80a235d3528309e23fbfc1d0cbc02a2c1fadb260
spice-server-debuginfo-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: a993f2b7f1d124a95e6268086c5e402c7d1ca5df2ae8411fb5cc917f621acf77
spice-server-debuginfo-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: a993f2b7f1d124a95e6268086c5e402c7d1ca5df2ae8411fb5cc917f621acf77
spice-server-devel-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: ccbc483b5afe8a5c77bc34fb11b801deb08f7495f81dc228079af0ef01eee082

Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6

SRPM
spice-server-0.12.4-12.el6_7.1.src.rpm SHA-256: f8220defb754c7b24255389e89eb02947ce68a843b18cbbbd091fc76f9145339
x86_64
spice-server-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: 7199da3475b8fad704645ccb80a235d3528309e23fbfc1d0cbc02a2c1fadb260
spice-server-debuginfo-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: a993f2b7f1d124a95e6268086c5e402c7d1ca5df2ae8411fb5cc917f621acf77
spice-server-debuginfo-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: a993f2b7f1d124a95e6268086c5e402c7d1ca5df2ae8411fb5cc917f621acf77
spice-server-devel-0.12.4-12.el6_7.1.x86_64.rpm SHA-256: ccbc483b5afe8a5c77bc34fb11b801deb08f7495f81dc228079af0ef01eee082

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.