Linux News Today: Spice Vulnerabilities Closed in Ubuntu 14.04 LTS and Ubuntu 15.04
A Spice vulnerability has been found and repaired in the Ubuntu 15.04 and Ubuntu 14.04 LTS operating systems.
The SPICE protocol client and server library has been patched in the past few months a couple of times, and this is just the latest fix. It’s not a major component, but users should really close any kind of exploit and vulnerability and upgrade their systems frequently.
“Frediano Ziglio discovered multiple buffer overflows, undefined behavior signed integer operations, race conditions, memory leaks, and denial of service issues in Spice. A malicious guest operating system could potentially exploit these issues to escape virtualization,” reads the security notice.
This is just one of the problems identified with the Spice packages. For a more detailed description of the problem, you should check the entire security notification. The flaws can be fixed if you upgrade your system to the latest libspice-server1 packages. To apply the patch, users will have to run the Update Manager application. In general, a standard system update will make all the necessary changes, and there is no need for a restart.
You can also use the terminal and enter the following commands (you will need to be root in order to make it work):
sudo apt-get update
sudo apt-get dist-upgrade
The procedure should be fast and easy to perform, unless you have other updates waiting in line.