libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and qspice 0.3.0, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service (invalid pointer dereference and guest OS crash) or possibly gain privileges via unspecified vectors.

libspice，在Red Hat Enterprise Virtualization (RHEV) 2.2和qspice 0.3.0中的Hypervisor(即 rhev-hypervisor)中用于QEMU-KVM，并未正确验证 guest QXL驱动程序指针，这允许 guest OS用户导致服务拒绝(无效指针遍历和 guest OS崩溃)或通过未定义的向量可能获得权限。

NVD 暂无评分

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

NVD 暂无漏洞类别信息

神龙GPT 暂无漏洞类别信息（请耐心等待）