Ubuntu has issued an advisory on November 4:
https://ubuntu.com/security/notices/USN-4617-1

Mageia 7 is also affected.
Whiteboard: (none) => MGA7TOO
More information: https://www.openwall.com/lists/oss-security/2020/11/04/1
Hi, thanks for reporting this. Assigned to the package maintainer/recent committers. (Please set the status to 'assigned' if you are working on it)
CC: (none) => thierry.vignaud
Assignee: bugsquad => alien
Keywords: (none) => Triaged
Patched packages uploaded for Mageia 7 and Cauldron.

Advisory:
========================

Updated spice-vdagent package fixes security vulnerabilities:

Matthias Gerstner discovered that SPICE vdagent incorrectly handled the active_xfers hash table. A local attacker could possibly use this issue to cause SPICE vdagent to consume memory, resulting in a denial of service (CVE-2020-25650).

Matthias Gerstner discovered that SPICE vdagent incorrectly handled the active_xfers hash table. A local attacker could possibly use this issue to cause SPICE vdagent to consume memory, resulting in a denial of service, or obtain sensitive file contents (CVE-2020-25651).

Matthias Gerstner discovered that SPICE vdagent incorrectly handled a large number of client connections. A local attacker could possibly use this issue to cause SPICE vdagent to consume resources, resulting in a denial of service (CVE-2020-25652).

Matthias Gerstner discovered that SPICE vdagent incorrectly handled client connections. A local attacker could possibly use this issue to obtain sensitive information, paste clipboard contents, and transfer files into the active session (CVE-2020-25653).

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25650
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25651
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25652
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25653
https://ubuntu.com/security/notices/USN-4617-1
========================

Updated packages in core/updates_testing:
========================
spice-vdagent-0.19.0-1.1.mga7

from spice-vdagent-0.19.0-1.1.mga7.src.rpm
Version: Cauldron => 7
Whiteboard: MGA7TOO => (none)
Assignee: alien => qa-bugs
Installed and tested without issues.

Copy and paste worked. Screen resizing worked. No issues or regressions found.

Host system: Mageia 7, x86_64, Plasma DE, LXQt DE, virt-viewer, virt-manager, Intel CPU, nVidia GPU using nvidia-current proprietary driver.

Guest system: Mageia 7, x86_64, LXQt DE, Intel CPU, virtio driver, splice-agent, spice-webdavd.

$ ##### GUEST SYSTEM #####
$ uname -a
Linux marte-vm-mageia-7 5.10.3-desktop-1.mga7 #1 SMP Sat Dec 26 18:15:40 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ rpm -q spice-vdagent
spice-vdagent-0.19.0-1.1.mga7
$ lspcidrake
virtio_pci : Red Hat, Inc.|Virtio block device [STORAGE_SCSI]
uhci_hcd : Intel Corporation|82801I (ICH9 Family) USB UHCI Controller #1 [SERIAL_USB] (rev: 03)
Card:Virtio virtual video card: Red Hat, Inc.|Virtio GPU [DISPLAY_VGA] (rev: 01)
uhci_hcd : Intel Corporation|82801I (ICH9 Family) USB UHCI Controller #3 [SERIAL_USB] (rev: 03)
virtio_pci : Red Hat, Inc.|Virtio RNG
virtio_pci : Red Hat, Inc.|Virtio console [COMMUNICATION_OTHER]
unknown : Intel Corporation|82801IR/IO/IH (ICH9R/DO/DH) 6 port SATA Controller [AHCI mode] [STORAGE_SATA] (rev: 02)
ata_piix : Intel Corporation|82371SB PIIX3 IDE [Natoma/Triton II] [STORAGE_IDE]
virtio_pci : Red Hat, Inc.|Virtio network device [NETWORK_ETHERNET]
i2c_piix4 : Intel Corporation|82371AB/EB/MB PIIX4 ACPI [BRIDGE_OTHER] (rev: 03)
unknown : Intel Corporation|440FX - 82441FX PMC [Natoma] [BRIDGE_HOST] (rev: 02)
uhci_hcd : Intel Corporation|82801I (ICH9 Family) USB UHCI Controller #2 [SERIAL_USB] (rev: 03)
virtio_pci : Red Hat, Inc.|Virtio memory balloon
snd_hda_intel : Intel Corporation|82801I (ICH9 Family) HD Audio Controller [MULTIMEDIA_AUDIO_DEV] (rev: 03)
unknown : Intel Corporation|82371SB PIIX3 ISA [Natoma/Triton II] [BRIDGE_ISA]
ehci_pci : Intel Corporation|82801I (ICH9 Family) USB2 EHCI Controller #1 [SERIAL_USB] (rev: 03)
virtio_pci : Red Hat, Inc.|Virtio filesystem
hub : Linux 5.10.3-desktop-1.mga7 ehci_hcd|EHCI Host Controller [Hub|Unused|Full speed (or root) hub]
usbhid : QEMU|QEMU USB Tablet [Human Interface Device|No Subclass|None]
hub : Linux 5.10.3-desktop-1.mga7 uhci_hcd|UHCI Host Controller [Hub|Unused|Full speed (or root) hub]
hub : Linux 5.10.3-desktop-1.mga7 uhci_hcd|UHCI Host Controller [Hub|Unused|Full speed (or root) hub]
hub : Linux 5.10.3-desktop-1.mga7 uhci_hcd|UHCI Host Controller [Hub|Unused|Full speed (or root) hub]
hid_generic : QEMU QEMU USB Tablet
$ lspci
00:00.0 Host bridge: Intel Corporation 440FX - 82441FX PMC [Natoma] (rev 02)
00:01.0 ISA bridge: Intel Corporation 82371SB PIIX3 ISA [Natoma/Triton II]
00:01.1 IDE interface: Intel Corporation 82371SB PIIX3 IDE [Natoma/Triton II]
00:01.3 Bridge: Intel Corporation 82371AB/EB/MB PIIX4 ACPI (rev 03)
00:02.0 VGA compatible controller: Red Hat, Inc. Virtio GPU (rev 01)
00:03.0 Ethernet controller: Red Hat, Inc. Virtio network device
00:04.0 Audio device: Intel Corporation 82801I (ICH9 Family) HD Audio Controller (rev 03)
00:05.0 USB controller: Intel Corporation 82801I (ICH9 Family) USB UHCI Controller #1 (rev 03)
00:05.1 USB controller: Intel Corporation 82801I (ICH9 Family) USB UHCI Controller #2 (rev 03)
00:05.2 USB controller: Intel Corporation 82801I (ICH9 Family) USB UHCI Controller #3 (rev 03)
00:05.7 USB controller: Intel Corporation 82801I (ICH9 Family) USB2 EHCI Controller #1 (rev 03)
00:06.0 SATA controller: Intel Corporation 82801IR/IO/IH (ICH9R/DO/DH) 6 port SATA Controller [AHCI mode] (rev 02)
00:07.0 Unclassified device [00ff]: Red Hat, Inc. Virtio memory balloon
00:08.0 Unclassified device [0002]: Red Hat, Inc. Virtio filesystem
00:09.0 Unclassified device [00ff]: Red Hat, Inc. Virtio RNG
00:0a.0 SCSI storage controller: Red Hat, Inc. Virtio block device
00:0b.0 Communication controller: Red Hat, Inc. Virtio console

$ ##### HOST SYSTEM #####
$ uname -a
Linux marte 5.7.19-desktop-3.mga7 #1 SMP Sun Oct 18 15:46:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ rpm -qa | egrep -i '(spice|virt|qemu)' | sort
ipxe-roms-qemu-20190125-1.mga7
lib64govirt2-0.3.4-8.mga7
lib64spice-client-glib2.0_8-0.37-1.mga7
lib64spice-client-glib-gir2.0-0.37-1.mga7
lib64spice-client-gtk3.0_5-0.37-1.mga7
lib64spice-client-gtk-gir3.0-0.37-1.mga7
lib64spice-server1-0.14.2-1.1.mga7
lib64virt0-5.5.0-1.3.mga7
lib64virt-glib1.0_0-2.0.0-1.mga7
lib64virt-glib-gir1.0-2.0.0-1.mga7
libgovirt-0.3.4-8.mga7
libvirt-utils-5.5.0-1.3.mga7
python3-libvirt-5.5.0-1.mga7
qemu-audio-alsa-4.0.0-2.mga7
qemu-audio-oss-4.0.0-2.mga7
qemu-audio-pa-4.0.0-2.mga7
qemu-audio-sdl-4.0.0-2.mga7
qemu-block-curl-4.0.0-2.mga7
qemu-block-dmg-4.0.0-2.mga7
qemu-block-iscsi-4.0.0-2.mga7
qemu-block-nfs-4.0.0-2.mga7
qemu-block-ssh-4.0.0-2.mga7
qemu-common-4.0.0-2.mga7
qemu-img-4.0.0-2.mga7
qemu-kvm-4.0.0-2.mga7
qemu-system-x86-4.0.0-2.mga7
qemu-system-x86-core-4.0.0-2.mga7
qemu-ui-curses-4.0.0-2.mga7
qemu-ui-gtk-4.0.0-2.mga7
qemu-ui-sdl-4.0.0-2.mga7
spice-gtk-0.37-1.mga7
virt-manager-2.1.0-2.mga7
virt-manager-common-2.1.0-2.mga7
virt-viewer-8.0-3.mga7
wireshark-libvirt-5.5.0-1.3.mga7
Whiteboard: (none) => MGA7-64-OK
CC: (none) => mageia
Validating. Advisory in Comment 3.
Keywords: (none) => validated_update
CC: (none) => andrewsfarm, sysadmin-bugs
Advisory pushed to SVN.
CC: (none) => ouaurelien
Source RPM: spice-vdagent-0.20.0-3.mga8.src.rpm => spice-vdagent-0.19.0-1.mga7.src.rpm
CVE: (none) => CVE-2020-2565[0-3]
Keywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository.
https://advisories.mageia.org/MGASA-2020-0474.html
Resolution: (none) => FIXED
Status: NEW => RESOLVED