Oval Definition:	oval:org.opensuse.security:def:92377
Revision Date: 2021-08-20 Version: 1 Title: Security update for spice-vdagent (Moderate) Description: This update for spice-vdagent fixes the following issues: - CVE-2020-25650: memory DoS via arbitrary entries in `active_xfers` hash table (bsc#1177780) - CVE-2020-25651: possible file transfer DoS and information leak via `active_xfers` hash map (bsc#1177781) - CVE-2020-25652: possibility to exhaust file descriptors in `vdagentd` (bsc#1177782) - CVE-2020-25653: UNIX domain socket peer PID retrieved via `SO_PEERCRED` is subject to race condition (bsc#1177783) Family: unix Class: patch Status: Reference(s): 1177780 1177781 1177782 1177783 CVE-2020-25650 CVE-2020-25651 CVE-2020-25652 CVE-2020-25653 SUSE-SU-2021:2803-1 Platform(s): SUSE Linux Enterprise Server 15 SP1-BCL Product(s): Definition Synopsis SUSE Linux Enterprise Server 15 SP1-BCL is installed AND spice-vdagent-0.17.0-4.3.1 is installed
BACK