PT-2020-16146 · Spice Vdagent+8 · Spice-Vdagent+8

Matthias Gerstner

·

Published

2020-11-03

·

Updated

2024-06-15

·

CVE-2020-25650

CVSS v3.1

6.4

Medium

VectorAV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:L
Name of the Vulnerable Software and Affected Versions spice-vdagent versions 0.20 and previous versions
Description A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged local guest user with access to the UNIX domain socket path /run/spice-vdagentd/spice-vdagent-sock could use this flaw to perform a memory denial of service for spice-vdagentd or even other processes in the VM system. The highest threat from this vulnerability is to system availability.
Recommendations For spice-vdagent versions 0.20 and previous versions, update to a version newer than 0.20 to resolve the issue. As a temporary workaround, consider restricting access to the UNIX domain socket path /run/spice-vdagentd/spice-vdagent-sock to minimize the risk of exploitation.

Exploit

Fix

DoS

Allocation of Resources Without Limits

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-770

Related Identifiers

ALSA-2021:1791
ALT-PU-2021-1106
ALT-PU-2021-1155
ALT-PU-2023-1838
AZL-7362
CESA-2021_1791
CVE-2020-25650
DLA-2524-1
MGASA-2020-0474
OESA-2021-1081
OPENSUSE-SU-2021:2614-1
OPENSUSE-SU-2021_2614-1
OPENSUSE-SU-2024:11399-1
RHSA-2021:1791
RHSA-2021_1791
RLSA-2021:1791
SUSE-SU-2020:3268-1
SUSE-SU-2020_3268-1
SUSE-SU-2021:2614-1
SUSE-SU-2021:2766-1
SUSE-SU-2021:2803-1
SUSE-SU-2021_2614-1
SUSE-SU-2021_2766-1
SUSE-SU-2021_2803-1
USN-4617-1

Affected Products

Alt Linux
Almalinux
Centos
Linuxmint
Red Hat
Rocky Linux
Suse
Ubuntu
Spice-Vdagent