spice-vdagent
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | Spice agent for Linux guests |
| Version | 0.22.1-4 [extra] |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-1303 | 0.20.0+6+g8adf50d-1 | 0.21.0-1 | Medium | Fixed | FS#68531 |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2020-25653 | AVG-1303 | Medium | No | Information disclosure | A race condition vulnerability was found in the way the spice-vdagentd daemon handled new client connections. This flaw may allow an unprivileged local... |
| CVE-2020-25652 | AVG-1303 | Low | No | Denial of service | A flaw was found in the spice-vdagentd daemon, where it did not properly handle client connections that can be established via the UNIX domain socket in... |
| CVE-2020-25651 | AVG-1303 | Medium | No | Information disclosure | A flaw was found in the SPICE file transfer protocol. File data from the host system can end up in full or in parts in the client connection of an... |
| CVE-2020-25650 | AVG-1303 | Low | No | Denial of service | A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged local guest user... |