Unity Linux 20.1060e / 20.1070e Security Update: spice-vdagent (UTSA-2026-016625)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016625 advisory. A race condition vulnerability was found in the way the spice-vdagentd daemon handled new client connections. This flaw may allow an unprivileged local guest user to...

Unity Linux 20.1060e / 20.1070e Security Update: spice-vdagent (UTSA-2026-016611)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016611 advisory. A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged local guest user with acce...

Unity Linux 20.1060e / 20.1070e Security Update: spice-vdagent (UTSA-2026-016615)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016615 advisory. A flaw was found in the spice-vdagentd daemon, where it did not properly handle client connections that can be established via the UNIX domain socket in...

EUVD-2020-18317

Malware in sbrugna...

EUVD-2020-18316

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2020-25650

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged local guest user with...

Linux Distros Unpatched Vulnerability : CVE-2020-25653

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A race condition vulnerability was found in the way the spice-vdagentd daemon handled new client connections. This flaw may allow an unprivileged local guest us...

Linux Distros Unpatched Vulnerability : CVE-2020-25652

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the spice-vdagentd daemon, where it did not properly handle client connections that can be established via the UNIX domain socket in...

Rocky Linux 8 : spice-vdagent (RLSA-2021:1791)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:1791 advisory. - A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged local guest...

SUSE CVE-2020-25650

A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged local guest user with access to the UNIX domain socket path /run/spice-vdagentd/spice-vdagent-sock could use this flaw to perform a memory denial of service f...

SUSE CVE-2020-25652

A flaw was found in the spice-vdagentd daemon, where it did not properly handle client connections that can be established via the UNIX domain socket in /run/spice-vdagentd/spice-vdagent-sock. Any unprivileged local guest user could use this flaw to prevent legitimate agents from connecting to th...

SUSE CVE-2020-25653

A race condition vulnerability was found in the way the spice-vdagentd daemon handled new client connections. This flaw may allow an unprivileged local guest user to become the active agent for spice-vdagentd, possibly resulting in a denial of service or information leakage from the host. The...

A race condition vulnerability was found in the way the spice-vdagentd daemon handled new client connections. This flaw may allow an unprivileged local guest user to become the active agent for spice-vdagentd possibly resulting in a denial of service or information leakage from the host. The highest threat from this vulnerability is to data confidentiality as well as system availability. This flaw affects spice-vdagent versions 0.20 and prior.

...

A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged local guest user with access to the UNIX domain socket path `/run/spice-vdagentd/spice-vdagent-sock` could use this flaw to perform a memory denial of service for spice-vdagentd or even other processes in the VM system. The highest threat from this vulnerability is to system availability. This flaw affects spice-vdagent versions 0.20 and previous versions.

...

A flaw was found in the spice-vdagentd daemon where it did not properly handle client connections that can be established via the UNIX domain socket in `/run/spice-vdagentd/spice-vdagent-sock`. Any unprivileged local guest user could use this flaw to prevent legitimate agents from connecting to the spice-vdagentd daemon resulting in a denial of service. The highest threat from this vulnerability is to system availability. This flaw affects spice-vdagent versions 0.20 and prior.

...

EulerOS 2.0 SP3 : spice-vdagent (EulerOS-SA-2021-2617)

According to the versions of the spice-vdagent package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged...

SUSE SLES15 Security Update : spice-vdagent (SUSE-SU-2021:2803-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2803-1 advisory. - A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any...

SUSE SLES12 Security Update : spice-vdagent (SUSE-SU-2021:2766-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2766-1 advisory. - A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any...

EulerOS 2.0 SP8 : spice-vdagent (EulerOS-SA-2021-2316)

According to the versions of the spice-vdagent package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged...

SUSE SLED15 / SLES15 Security Update : spice-vdagent (SUSE-SU-2021:2614-1)

The remote SUSE Linux SLED15 / SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2614-1 advisory. - A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any...