CVE-2023-3255

2023-09-1317:15:09

CWE-835

[email protected]

web.nvd.nist.gov

qemu

vnc

denial of service

cve-2023-3255

zlib buffer

infinite loop

clientcuttext

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.3

Confidence

High

EPSS

0.002

Percentile

52.9%

JSON

A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the inflate_buffer function. This could allow a remote authenticated client who is able to send a clipboard to the VNC server to trigger a denial of service.

Affected configurations

Nvd

Node

qemuqemuRange≤8.0.3

Node

redhatenterprise_linuxMatch8.0

redhatenterprise_linuxMatch9.0

Node

fedoraprojectfedoraMatch38

VendorProductVersionCPE
qemuqemu*cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*
redhatenterprise_linux8.0cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
redhatenterprise_linux9.0cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
fedoraprojectfedora38cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
qemu	qemu	*	cpe:2.3:a:qemu:qemu::::::::
redhat	enterprise_linux	8.0	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
redhat	enterprise_linux	9.0	cpe:2.3:o:redhat:enterprise_linux:9.0:::::::*
fedoraproject	fedora	38	cpe:2.3:o:fedoraproject:fedora:38:::::::*