Security update for spice-vdagent
This update for spice-vdagent fixes the following issues:
Security issues fixed:
- CVE-2020-25650: Fixed a memory DoS via arbitrary entries in `active_xfers` hash table (bsc#1177780).
- CVE-2020-25651: Fixed a possible file transfer DoS and information leak via `active_xfers` hash map (bsc#1177781).
- CVE-2020-25652: Fixed a possibility to exhaust file descriptors in `vdagentd` (bsc#1177782).
- CVE-2020-25653: Fixed a race condition when the UNIX domain socket peer PID is retrieved via `SO_PEERCRED` (bsc#1177783).
This update was imported from the SUSE:SLE-15-SP2:Update update project.
Submitted by
Bruce Rogers (bfrogers)
Fixed bugs
- bnc#1173749: AUDIT-0: EMBARGOED: spice-vdagent: spice-vdagentd.service can be implicitly started by default
- bnc#1177780: VUL-0: CVE-2020-25650: EMBARGOED: spice-vdagent: memory DoS via arbitrary entries in `active_xfers` hash table
- bnc#1177781: VUL-0: CVE-2020-25651: EMBARGOED: spice-vdagent: possible file transfer DoS and information leak via `active_xfers` hash map
- bnc#1177782: VUL-0: CVE-2020-25652: EMBARGOED: spice-vdagent: possibility to exhaust file descriptors in `vdagentd`
- bnc#1177783: VUL-0: CVE-2020-25653: EMBARGOED: spice-vdagent: UNIX domain socket peer PID retrieved via `SO_PEERCRED` is subject to race condition