Debian Linux Security Advisory 3354-1 - Frediano Ziglio of Red Hat discovered a race condition flaw in spice's worker_update_monitors_config() function, leading to a heap-based memory corruption. A malicious user in a guest can take advantage of this flaw to cause a denial of service (QEMU process crash) or, potentially execute arbitrary code on the host with the privileges of the hosting QEMU process.
caab0b2f4da7f8568fd006270bd9ea0fc01b713fc7834cb9e91257c591db3739