PT-2020-16147 · Spice+8 · Spice-Vdagent+8

Matthias Gerstner

Published

2020-11-03

Updated

2023-05-21

CVE-2020-25651

CVSS v3.1

6.4

Medium

Vector

AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:L

Name of the Vulnerable Software and Affected Versions spice-vdagent versions 0.20 and prior

Description A flaw was found in the SPICE file transfer protocol, allowing file data from the host system to end up in the client connection of an illegitimate local user in the VM system. This could also interrupt active file transfers from other users, resulting in a denial of service. The highest threat from this issue is to data confidentiality as well as system availability.

Recommendations For spice-vdagent versions 0.20 and prior, update to a version later than 0.20 to resolve the issue. As a temporary workaround, consider restricting access to the SPICE file transfer protocol to minimize the risk of exploitation.

Exploit

Fix

DoS

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

ALSA-2021:1791

ALT-PU-2021-1106

ALT-PU-2021-1155

ALT-PU-2023-1838

AZL-7363

CESA-2021_1791

CVE-2020-25651

DLA-2524-1

MGASA-2020-0474

OESA-2021-1081

OPENSUSE-SU-2021:2614-1

OPENSUSE-SU-2021_2614-1

RHSA-2021:1791

RHSA-2021_1791

RLSA-2021:1791

SUSE-SU-2020:3268-1

SUSE-SU-2021:2614-1

SUSE-SU-2021:2766-1

SUSE-SU-2021:2803-1

USN-4617-1

Affected Products

Alt Linux

Almalinux

Centos

Linuxmint

Red Hat

Rocky Linux

Suse

Ubuntu

Spice-Vdagent

PT-2020-16147 · Spice+8 · Spice-Vdagent+8

CVE-2020-25651

Weakness Enumeration

Related Identifiers

Affected Products

References · 61