Debian Bug report logs -
#973769
spice-vdagent: CVE-2020-25650 CVE-2020-25651 CVE-2020-25652 CVE-2020-25653
Reply or subscribe to this bug.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, Liang Guo <guoliang@debian.org>:
Bug#973769; Package src:spice-vdagent.
(Wed, 04 Nov 2020 20:33:03 GMT) (full text, mbox, link).
Acknowledgement sent
to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, Liang Guo <guoliang@debian.org>.
(Wed, 04 Nov 2020 20:33:03 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Source: spice-vdagent
Version: 0.20.0-1
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: carnil@debian.org, Debian Security Team <team@security.debian.org>
Hi,
The following vulnerabilities were published for spice-vdagent.
CVE-2020-25650[0]:
| Memory DoS via Arbitrary Entries in active_xfers Hash Table
CVE-2020-25651[1]:
| Possible File Transfer DoS and Information Leak via active_xfers
| Hash Map
CVE-2020-25652[2]:
| Possibility to Exhaust File Descriptors in vdagentd
CVE-2020-25653[3]:
| UNIX Doman Socket Peer PID Retrieved via SO_PEERCRED is Subject to
| Race Condition
Altough the security-tracker lists all the individual commits all of
the commits mentioned in the oss-security post should be taken:
https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/ce144335ff45b16be2241c45a683cc01e0f50558
https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/1a8b93ca6ac0b690339ab7f0afc6fc45d198d332
https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/9d35d8a86fb310fc1f29d428c0a96995948d2357
https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/91caa9223857708475d29df1768208fed1675340
https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/51c415df82a52e9ec033225783c77df95f387891
https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/5c50131797e985d0a5654c1fd7000ae945ed29a7
https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/812ca777469a377c84b9861d7d326bfc72563304
https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/e4bfd1b632b6c14e8411dbe3565115a78cd3d256
https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/b7db1c20c9f80154fb54392eb44add3486d3e427
https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/5094d5cfe66748dffcca8529745f8b3c76195d7a
If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2020-25650
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25650
[1] https://security-tracker.debian.org/tracker/CVE-2020-25651
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25651
[2] https://security-tracker.debian.org/tracker/CVE-2020-25652
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25652
[3] https://security-tracker.debian.org/tracker/CVE-2020-25653
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25653
[4] https://www.openwall.com/lists/oss-security/2020/11/04/1
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
Marked as found in versions spice-vdagent/0.18.0-1.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Wed, 04 Nov 2020 20:39:02 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Mon Nov 16 08:11:48 2020;
Machine Name:
bembo
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon