2 matches found
PT-2022-14969 · Oracle · Uek6
Name of the Vulnerable Software and Affected Versions: UEK6 version U3 Description: The code was missing an appropriate file descriptor count, resulting in a use count error. This allowed a file descriptor to a socket to be closed and freed while still in use by another portion of the kernel. An...
A flaw was found in the spice-vdagentd daemon where it did not properly handle client connections that can be established via the UNIX domain socket in `/run/spice-vdagentd/spice-vdagent-sock`. Any unprivileged local guest user could use this flaw to prevent legitimate agents from connecting to the spice-vdagentd daemon resulting in a denial of service. The highest threat from this vulnerability is to system availability. This flaw affects spice-vdagent versions 0.20 and prior.
...