SUSE-SU-2020:3268-1 -- SLES spice-vdagentID: oval:org.secpod.oval:def:89050504 | Date: (C)2023-10-10 (M)2023-10-10 |
Class: PATCH | Family: unix |
This update for spice-vdagent fixes the following issues: Security issues fixed: - CVE-2020-25650: Fixed a memory DoS via arbitrary entries in `active_xfers` hash table . - CVE-2020-25651: Fixed a possible file transfer DoS and information leak via `active_xfers` hash map . - CVE-2020-25652: Fixed a possibility to exhaust file descriptors in `vdagentd` . - CVE-2020-25653: Fixed a race condition when the UNIX domain socket peer PID retrieved via `SO_PEERCRED` .
Platform: |
SUSE Linux Enterprise Desktop 15 SP2 |