CVE-2020-25653

2020-11-26T02:15:00
ID CVE-2020-25653
Type cve
Reporter secalert@redhat.com
Modified 2021-02-19T17:38:00

Description

A race condition vulnerability was found in the way the spice-vdagentd daemon handled new client connections. This flaw may allow an unprivileged local guest user to become the active agent for spice-vdagentd, possibly resulting in a denial of service or information leakage from the host. The highest threat from this vulnerability is to data confidentiality as well as system availability. This flaw affects spice-vdagent versions 0.20 and prior.