Vulnerability Description
spice-vdagent up to and including 0.17.0 does not properly escape the save directory before passing it to the shell, allowing a local attacker with access to the session the agent runs in to inject arbitrary commands to be executed.
CVSS Score
7.8 (HIGH)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Spice-Space | Spice-Vdagent | <= 0.17.0 |
| Debian | Debian Linux | 9.0 |
Related Weaknesses (CWE)
References
- https://cgit.freedesktop.org/spice/linux/vd_agent/commit/?id=8ba174816d245757e74 (Patch, Third Party Advisory)
- https://lists.debian.org/debian-lts-announce/2021/01/msg00012.html (Mailing List, Third Party Advisory)
- https://security.gentoo.org/glsa/201804-09 (Third Party Advisory)
FAQ
What is CVE-2017-15108?
CVE-2017-15108 is a vulnerability with a CVSS score of 7.8 (HIGH). spice-vdagent up to and including 0.17.0 does not properly escape the save directory before passing it to the shell, allowing a local attacker with access to the session the agent runs in to inject arbitrary comma...
How severe is CVE-2017-15108?
CVE-2017-15108 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-15108?
Check the references section above for vendor advisories and patch information. Affected products include: Spice-Space Spice-Vdagent, Debian Debian Linux.