Linux Distros Unpatched Vulnerability : CVE-2020-25650

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged local guest user with...

Linux Distros Unpatched Vulnerability : CVE-2020-25653

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A race condition vulnerability was found in the way the spice-vdagentd daemon handled new client connections. This flaw may allow an unprivileged local guest us...

Linux Distros Unpatched Vulnerability : CVE-2020-25652

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the spice-vdagentd daemon, where it did not properly handle client connections that can be established via the UNIX domain socket in...

SUSE CVE-2020-25650

A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged local guest user with access to the UNIX domain socket path /run/spice-vdagentd/spice-vdagent-sock could use this flaw to perform a memory denial of service f...

SUSE CVE-2020-25652

A flaw was found in the spice-vdagentd daemon, where it did not properly handle client connections that can be established via the UNIX domain socket in /run/spice-vdagentd/spice-vdagent-sock. Any unprivileged local guest user could use this flaw to prevent legitimate agents from connecting to th...

SUSE CVE-2020-25653

A race condition vulnerability was found in the way the spice-vdagentd daemon handled new client connections. This flaw may allow an unprivileged local guest user to become the active agent for spice-vdagentd, possibly resulting in a denial of service or information leakage from the host. The...

spice-vdagent: UNIX domain socket peer PID retrieved via SO_PEERCRED is subject to race condition

A race condition vulnerability was found in the way the spice-vdagentd daemon handled new client connections. This flaw allows an unprivileged local guest user to become the active agent for spice-vdagentd, possibly resulting in a denial of service or information leakage from the host. The highes...

spice-vdagent: possibility to exhaust file descriptors in vdagentd

A flaw was found in the spice-vdagentd daemon, where it did not properly handle client connections that can be established via the UNIX domain socket in /run/spice-vdagentd/spice-vdagent-sock. This flaw allows any unprivileged local guest user to prevent legitimate agents from connecting to the...

OESA-2021-1081 spice-vdagent security update

spice-vdagent is an optional component for enhancing user experience and performing guest-oriented management tasks. Its features includes: client mouse mode no need to grab mouse by client, no mouse lag, automatic adjustment of screen resolution, copy and paste text and image between client and...

AZL-7365 CVE-2020-25653 affecting package spice-vdagent for versions less than 0.22.1-1

A race condition vulnerability was found in the way the spice-vdagentd daemon handled new client connections. This flaw may allow an unprivileged local guest user to become the active agent for spice-vdagentd, possibly resulting in a denial of service or information leakage from the host. The...

DEBIAN-CVE-2020-25650

A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged local guest user with access to the UNIX domain socket path /run/spice-vdagentd/spice-vdagent-sock could use this flaw to perform a memory denial of service f...

UBUNTU-CVE-2020-25652

A flaw was found in the spice-vdagentd daemon, where it did not properly handle client connections that can be established via the UNIX domain socket in /run/spice-vdagentd/spice-vdagent-sock. Any unprivileged local guest user could use this flaw to prevent legitimate agents from connecting to th...

PT-2020-16149 · Red Hat +7 · Spice-Vdagent +8

Name of the Vulnerable Software and Affected Versions: spice-vdagent versions 0.20 and prior Description: A race condition vulnerability was found in the way the spice-vdagentd daemon handled new client connections. This flaw may allow an unprivileged local guest user to become the active agent f...

PT-2020-16148 · Red Hat +7 · Spice-Vdagent +8

Name of the Vulnerable Software and Affected Versions: spice-vdagent versions 0.20 and prior Description: A flaw was found in the spice-vdagentd daemon, where it did not properly handle client connections that can be established via the UNIX domain socket in /run/spice-vdagentd/spice-vdagent-sock...

UBUNTU-CVE-2020-25650

A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged local guest user with access to the UNIX domain socket path /run/spice-vdagentd/spice-vdagent-sock could use this flaw to perform a memory denial of service f...