Mageia: 2020-0474 Moderate: SPICE Vdagent Denial Of Service Risk

mageia

December 29, 2020

Matthias Gerstner discovered that SPICE vdagent incorrectly handled the active_xfers hash table

Summary

Matthias Gerstner discovered that SPICE vdagent incorrectly handled the active_xfers hash table. A local attacker could possibly use this issue to cause SPICE vdagent to consume memory, resulting in a denial of service (CVE-2020-25650).
Matthias Gerstner discovered that SPICE vdagent incorrectly handled the active_xfers hash table. A local attacker could possibly use this issue to cause SPICE vdagent to consume memory, resulting in a denial of service, or obtain sensitive file contents (CVE-2020-25651).
Matthias Gerstner discovered that SPICE vdagent incorrectly handled a large number of client connections. A local attacker could possibly use this issue to cause SPICE vdagent to consume resources, resulting in a denial of service (CVE-2020-25652).
Matthias Gerstner discovered that SPICE vdagent incorrectly handled client connections. A local attacker could possibly use this issue to obtain sensitive information, paste clipboard contents, and transfer files into the active session (C...

Read the Full Advisory

References

- https://bugs.mageia.org/show_bug.cgi?id=27568

- https://ubuntu.com/security/notices/USN-4617-1

- https://www.openwall.com/lists/oss-security/2020/11/04/1

- https://www.cve.org/CVERecord?id=CVE-2020-25650

- https://www.cve.org/CVERecord?id=CVE-2020-25651

- https://www.cve.org/CVERecord?id=CVE-2020-25652

- https://www.cve.org/CVERecord?id=CVE-2020-25653

Topics Covered

security advisory denial of service moderate severity local attack memory consumption Mageia mageia spice vdagent active_xfers SPICE vdagent

Resolution

SRPMS

- 7/core/spice-vdagent-0.19.0-1.1.mga7

Publication date: 29 Dec 2020

URL: https://advisories.mageia.org/MGASA-2020-0474.html

Type: security

CVE: CVE-2020-25650, CVE-2020-25651, CVE-2020-25652, CVE-2020-25653

Topics Covered

security advisory denial of service moderate severity local attack memory consumption Mageia mageia spice vdagent active_xfers SPICE vdagent

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Mageia: 2020-0474 Moderate: SPICE Vdagent Denial Of Service Risk

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Mageia: 2020-0474 Moderate: SPICE Vdagent Denial Of Service Risk

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!