vulnerability

Ubuntu: USN-2766-1 (CVE-2015-5260): Spice vulnerabilities

Try Surface Command
Back to search
Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
Jun 7, 2016
Added
Nov 8, 2024
Modified
Aug 18, 2025

Description

Frediano Ziglio discovered multiple buffer overflows, undefined behavior
signed integer operations, race conditions, memory leaks, and denial
of service issues in Spice. A malicious guest operating system could
potentially exploit these issues to escape virtualization. (CVE-2015-5260,
CVE-2015-5261)

Solution

ubuntu-upgrade-libspice-server1

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today