CVE-2017-15108

Published: Jan 20, 2018Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

spice-vdagent up to and including 0.17.0 does not properly escape save directory before passing to shell, allowing local attacker with access to the session the agent runs in to inject arbitrary commands to be executed.

Affected (2)

Products: Spice Space: Spice Vdagent · Debian: Debian Linux

1 product

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Spice Space Spice Vdagent	Up to 0.17.0

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 9.0

Related CWEs

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

References (6)

https://cgit.freedesktop.org/spice/linux/vd_agent/commit/?id=8ba174816d245757e743e636df357910e1d5eb61

Source: secalert@redhat.com

PatchThird Party Advisory

https://lists.debian.org/debian-lts-announce/2021/01/msg00012.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

https://security.gentoo.org/glsa/201804-09

Source: secalert@redhat.com

Third Party Advisory

https://cgit.freedesktop.org/spice/linux/vd_agent/commit/?id=8ba174816d245757e743e636df357910e1d5eb61

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://lists.debian.org/debian-lts-announce/2021/01/msg00012.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://security.gentoo.org/glsa/201804-09

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.