RHSA-2021:1791-01 -- Redhat spice-vdagentID: oval:org.secpod.oval:def:506085 | Date: (C)2021-05-21 (M)2022-10-10 |
Class: PATCH | Family: unix |
The spice-vdagent packages provide a SPICE agent for Linux guests. Security Fix: * spice-vdagent: possible file transfer DoS and information leak via active_xfers hash map * spice-vdagent: UNIX domain socket peer PID retrieved via SO_PEERCRED is subject to race condition * spice-vdagent: memory DoS via arbitrary entries in active_xfers hash table * spice-vdagent: possibility to exhaust file descriptors in vdagentd For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section.
Platform: |
Red Hat Enterprise Linux 8 |