16 matches found
SUSE CVE-2020-25651
A flaw was found in the SPICE file transfer protocol. File data from the host system can end up in full or in parts in the client connection of an illegitimate local user in the VM system. Active file transfers from other users could also be interrupted, resulting in a denial of service. The...
spice-vdagent: possible file transfer DoS and information leak via active_xfers hash map
A flaw was found in the SPICE file transfer protocol. File data from the host system can partially or fully end up in the client connection of an unauthorized local user in the VM system. Active file transfers from other users could also be interrupted, resulting in a denial of service. The highe...
spice-vdagent: memory DoS via arbitrary entries in active_xfers hash table
A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. This flaw allows any unprivileged local guest user with access to the UNIX domain socket path /run/spice-vdagentd/spice-vdagent-sock to perform a memory denial of service for...
Updated spice-vdagent package fixes security vulnerabilities
Matthias Gerstner discovered that SPICE vdagent incorrectly handled the active_xfers hash table. A local attacker could possibly use this issue to cause SPICE vdagent to consume memory, resulting in a denial of service (CVE-2020-25650). Matthias Gerstner discovered that SPICE vdagent incorrectly...
AZL-7365 CVE-2020-25653 affecting package spice-vdagent for versions less than 0.22.1-1
A race condition vulnerability was found in the way the spice-vdagentd daemon handled new client connections. This flaw may allow an unprivileged local guest user to become the active agent for spice-vdagentd, possibly resulting in a denial of service or information leakage from the host. The...
DEBIAN-CVE-2020-25651
A flaw was found in the SPICE file transfer protocol. File data from the host system can end up in full or in parts in the client connection of an illegitimate local user in the VM system. Active file transfers from other users could also be interrupted, resulting in a denial of service. The...
Ubuntu 18.04 LTS / 20.04 LTS : SPICE vdagent vulnerabilities (USN-4617-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4617-1 advisory. Matthias Gerstner discovered that SPICE vdagent incorrectly handled the active_xfers hash table. A local attacker could possibly use this issu...
USN-4617-1: SPICE vdagent vulnerabilities
Matthias Gerstner discovered that SPICE vdagent incorrectly handled the active_xfers hash table. A local attacker could possibly use this issue to cause SPICE vdagent to consume memory, resulting in a denial of service. (CVE-2020-25650) Matthias Gerstner discovered that SPICE vdagent incorrectly...
USN-4617-1 spice-vdagent vulnerabilities
Matthias Gerstner discovered that SPICE vdagent incorrectly handled the active_xfers hash table. A local attacker could possibly use this issue to cause SPICE vdagent to consume memory, resulting in a denial of service. (CVE-2020-25650) Matthias Gerstner discovered that SPICE vdagent incorrectly...
UBUNTU-CVE-2020-25651
A flaw was found in the SPICE file transfer protocol. File data from the host system can end up in full or in parts in the client connection of an illegitimate local user in the VM system. Active file transfers from other users could also be interrupted, resulting in a denial of service. The...
UBUNTU-CVE-2020-25652
A flaw was found in the spice-vdagentd daemon, where it did not properly handle client connections that can be established via the UNIX domain socket in /run/spice-vdagentd/spice-vdagent-sock. Any unprivileged local guest user could use this flaw to prevent legitimate agents from connecting to th...
GLSA-201804-09 : SPICE VDAgent: Arbitrary command injection
The remote host is affected by the vulnerability described in GLSA-201804-09 (SPICE VDAgent: Arbitrary command injection). SPICE VDAgent does not properly escape save directory before passing to shell. Impact: A local attacker could execute arbitrary commands. Workaround: There is no known...
SPICE VDAgent: Arbitrary command injection
Background: Provides a complete open source solution for remote access to virtual machines in a seamless way so you can play videos, record audio, share USB devices and share folders without complications. Description: SPICE VDAgent does not properly escape save directory before passing to shell...
Red Hat spice-vdagent Command Injection Vulnerability
Red Hat SPICE is an enterprise virtualized desktop version of Red Hat's adaptive telepresence open-source protocol, which is used to connect users to their virtual desktops, providing the same end-user experience as physical desktops. spice-vdagent is one of the client tools. A security...
DEBIAN-CVE-2017-15108
spice-vdagent up to and including 0.17.0 does not properly escape save directory before passing to shell, allowing local attacker with access to the session the agent runs in to inject arbitrary commands to be executed...
UBUNTU-CVE-2017-15108
spice-vdagent up to and including 0.17.0 does not properly escape save directory before passing to shell, allowing local attacker with access to the session the agent runs in to inject arbitrary commands to be executed...