Oval Definition:oval:org.opensuse.security:def:111650
Revision Date:2021-08-05Version:1
Title:Security update for spice-vdagent (Important)
Description:

This update for spice-vdagent fixes the following issues:

- Update to version 0.21.0 - CVE-2020-25650: memory DoS via arbitrary entries in `active_xfers` hash table (bsc#1177780) - CVE-2020-25651: possible file transfer DoS and information leak via `active_xfers` hash map (bsc#1177781) - CVE-2020-25652: possibility to exhaust file descriptors in `vdagentd` (bsc#1177782) - CVE-2020-25653: UNIX domain socket peer PID retrieved via `SO_PEERCRED` is subject to race condition (bsc#1177783)
Family:unixClass:patch
Status:Reference(s):1173749
1177780
1177781
1177782
1177783
CVE-2020-25650
CVE-2020-25651
CVE-2020-25652
CVE-2020-25653
openSUSE-SU-2021:2614-1
Platform(s):openSUSE Leap 15.3
Product(s):
Definition Synopsis
  • openSUSE Leap 15.3 is installed
  • AND spice-vdagent-0.21.0-3.3.1 is installed
    • BACK