Vulnerability Details : CVE-2020-25650
A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged local guest user with access to the UNIX domain socket path `/run/spice-vdagentd/spice-vdagent-sock` could use this flaw to perform a memory denial of service for spice-vdagentd or even other processes in the VM system. The highest threat from this vulnerability is to system availability. This flaw affects spice-vdagent versions 0.20 and previous versions.
Vulnerability category: Denial of service
Products affected by CVE-2020-25650
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
- cpe:2.3:a:spice-space:spice-vdagent:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-25650
0.06%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 21 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-25650
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
2.1
|
LOW | AV:L/AC:L/Au:N/C:N/I:N/A:P |
3.9
|
2.9
|
NIST | |
5.5
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
1.8
|
3.6
|
NIST |
CWE ids for CVE-2020-25650
-
The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.Assigned by:
- nvd@nist.gov (Secondary)
- secalert@redhat.com (Primary)
References for CVE-2020-25650
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GQT56LATVTB2DJOVVJOKQVMVUXYCT2VB/
[SECURITY] Fedora 32 Update: spice-vdagent-0.21.0-1.fc32 - package-announce - Fedora Mailing-ListsThird Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OIWJ2EIQXWEA2VDBODEATHAT37X4CREP/
[SECURITY] Fedora 33 Update: spice-vdagent-0.21.0-1.fc33 - package-announce - Fedora Mailing-ListsThird Party Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=1886345
1886345 – (CVE-2020-25650) CVE-2020-25650 spice-vdagent: memory DoS via arbitrary entries in `active_xfers` hash tableIssue Tracking;Patch;Third Party Advisory
-
https://lists.debian.org/debian-lts-announce/2021/01/msg00012.html
[SECURITY] [DLA 2524-1] spice-vdagent security updateMailing List;Third Party Advisory
-
https://www.openwall.com/lists/oss-security/2020/11/04/1
oss-security - Security Issues in the spice-vdagentd daemonExploit;Mailing List;Third Party Advisory
Jump to