Provides a complete open source solution for remote access to virtual machines in a seamless way so you can play videos, record audio, share USB devices and share folders without complications.
SPICE VDAgent does not properly escape save directory before passing to shell.
A local attacker could execute arbitrary commands.
There is no known workaround at this time.
All SPICE VDAgent users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose
">=app-emulation/spice-vdagent-0.17.0_p20180319"