CVE-2017-15108

7.8HIGH

Key Information:

Vendor: Red Hat
Status: Spice-vdagent
Vendor: CVE Published:; 20 January 2018

Summary

spice-vdagent up to and including 0.17.0 does not properly escape save directory before passing to shell, allowing local attacker with access to the session the agent runs in to inject arbitrary commands to be executed.

Affected Version(s)

spice-vdagent up to and including 0.17.0

References

https://security.gentoo.org/glsa/201804-09

vendor-advisoryx_refsource_GENTOO

https://cgit.freedesktop.org/spice/linux/vd_agent/commit/...

x_refsource_CONFIRM

https://lists.debian.org/debian-lts-announce/2021/01/msg0...

mailing-listx_refsource_MLIST

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 20, 2018
Vulnerability Reserved
Oct 8, 2017