CVE-2020-25650 — Allocation of Resources Without Limits or Throttling in Spice-vdagent
Severity
5.5MEDIUMNVD
EPSS
0.2%
top 64.01%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedNov 25
Latest updateMay 24
Description
A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged local guest user with access to the UNIX domain socket path `/run/spice-vdagentd/spice-vdagent-sock` could use this flaw to perform a memory denial of service for spice-vdagentd or even other processes in the VM system. The highest threat from this vulnerability is to system availability. This flaw affects spice-vdagent versions 0.20 and previous versions.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages8 packages
Also affects: Debian Linux 9.0, Fedora 32, 33
Patches
🔴Vulnerability Details
3GHSA▶
GHSA-f637-jpfq-3wv2: A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine↗2022-05-24
OSV▶
CVE-2020-25650: A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine↗2020-11-25
📋Vendor Advisories
4Microsoft▶
A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged local guest user with access to the UNIX domain socket path `↗2020-11-10
Debian▶
CVE-2020-25650: spice-vdagent - A flaw was found in the way the spice-vdagentd daemon handled file transfers fro...↗2020