Oval Definition:	oval:org.opensuse.security:def:117642
Revision Date: 2020-11-10 Version: 1 Title: Security update for spice-vdagent (Important) Description: This update for spice-vdagent fixes the following issues: Security issues fixed: - CVE-2020-25650: Fixed a memory DoS via arbitrary entries in `active_xfers` hash table (bsc#1177780). - CVE-2020-25651: Fixed a possible file transfer DoS and information leak via `active_xfers` hash map (bsc#1177781). - CVE-2020-25652: Fixed a possibility to exhaust file descriptors in `vdagentd` (bsc#1177782). - CVE-2020-25653: Fixed a race condition when the UNIX domain socket peer PID retrieved via `SO_PEERCRED` (bsc#1177783). Family: unix Class: patch Status: Reference(s): 1173749 1177780 1177781 1177782 1177783 CVE-2020-25650 CVE-2020-25651 CVE-2020-25652 CVE-2020-25653 SUSE-SU-2020:3268-1 Platform(s): SUSE Linux Enterprise Desktop 15 SP2 SUSE Linux Enterprise High Performance Computing 15 SP2 SUSE Linux Enterprise Module for Desktop Applications 15 SP2 SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Storage 7 SUSE Manager Proxy 4.1 SUSE Manager Retail Branch Server 4.1 SUSE Manager Server 4.1 Product(s): Definition Synopsis Release Information SUSE Linux Enterprise Desktop 15 SP2 is installed OR SUSE Linux Enterprise High Performance Computing 15 SP2 is installed OR SUSE Linux Enterprise Module for Desktop Applications 15 SP2 is installed OR SUSE Linux Enterprise Server 15 SP2 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed OR SUSE Linux Enterprise Storage 7 is installed OR SUSE Manager Proxy 4.1 is installed OR SUSE Manager Retail Branch Server 4.1 is installed OR SUSE Manager Server 4.1 is installed AND spice-vdagent-0.19.0-3.3.1 is installed
BACK