CVE-2016-2150
SPICE allows local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface parameters, a similar issue to CVE-2015-5261.
Date published : 2016-06-09
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html