Red Hat · Spice-Server-Debuginfo · CVE-2013-4282
**Name of the Vulnerable Software and Affected Versions**
SPICE version 0.12.0
qspice version 0.3.0
qspice-libs version 0.3.0
qspice-libs-devel version 0.3.0
qspice-debuginfo version 0.3.0
spice-server version 0.12.0
spice-server-devel version 0.12.0
spice-server-debuginfo version 0.12.0
**Description**
The issue is a stack-based buffer overflow in the `reds_handle_ticket` function in `server/reds.c` that allows remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket. This can lead to disruption of protected information and can be exploited remotely.
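The defensive pattern for this bug class, as an added example that is not code from SPICE or from this advisory: a ticket password whose length the client controls is checked against the buffer size before it is copied onto the stack. The names `check_ticket` and `TICKET_PASSWORD_MAX`, the limit of 60 and the sample inputs are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical limit for this example; not taken from the SPICE sources. */
#define TICKET_PASSWORD_MAX 60

enum ticket_result { TICKET_OK = 0, TICKET_TOO_LONG = -1, TICKET_MISMATCH = -2 };

/* Constant-time compare: does not reveal how many leading bytes matched. */
static int ct_equal(const uint8_t *a, const uint8_t *b, size_t n)
{
    uint8_t diff = 0;
    for (size_t i = 0; i < n; i++)
        diff |= (uint8_t)(a[i] ^ b[i]);
    return diff == 0;
}

/*
 * decrypted/decrypted_len is the plaintext recovered from the client's
 * ticket, so both its content and its length are attacker-controlled.
 * The unsafe pattern is copying it into a fixed stack buffer without the
 * length check below, which writes past the buffer on a long password.
 */
enum ticket_result check_ticket(const uint8_t *decrypted, size_t decrypted_len,
                                const char *expected)
{
    uint8_t got[TICKET_PASSWORD_MAX + 1] = {0};
    uint8_t want[TICKET_PASSWORD_MAX + 1] = {0};

    if (decrypted == NULL || expected == NULL)
        return TICKET_MISMATCH;
    if (decrypted_len > TICKET_PASSWORD_MAX)
        return TICKET_TOO_LONG;              /* reject before any copy */
    size_t want_len = strlen(expected);
    if (want_len > TICKET_PASSWORD_MAX)
        return TICKET_MISMATCH;
    memcpy(got, decrypted, decrypted_len);   /* bounded by the check above */
    memcpy(want, expected, want_len);
    return ct_equal(got, want, sizeof got) ? TICKET_OK : TICKET_MISMATCH;
}

int main(void)
{
    uint8_t long_pw[4096];                   /* constructed oversized input */
    memset(long_pw, 'A', sizeof long_pw);
    return check_ticket(long_pw, sizeof long_pw, "s3cret") == TICKET_TOO_LONG ? 0 : 1;
}
```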
**Recommendations**
For SPICE version 0.12.0, consider disabling the `reds_handle_ticket` function until a patch is available.
For qspice version 0.3.0, qspice-libs version 0.3.0, qspice-libs-devel version 0.3.0, qspice-debuginfo version 0.3.0, spice-server version 0.12.0, spice-server-devel version 0.12.0, and spice-server-debuginfo version 0.12.0, there is currently no information about a newer version that contains a fix for this vulnerability.