8 matches found
Astra Linux – Vulnerability in Qemu
A flaw was discovered in the QEMU-built-in VNC server during the processing of ClientCutText messages. A incorrect exit condition may lead to an infinite loop when inflating a zlib buffer controlled by an attacker in the inflatebuffer function. This could allow a remotely authenticated client, wh...
CLSA-2026-1777042213 qemu-kvm: Fix of 2 CVEs
Fix CVE-2023-3255 qemu-kvm: VNC inflatebuffer infinite loop ELSCVE-57519 - Fix CVE-2023-6683 qemu-kvm: VNC clipboard NULL pointer dereference ELSCVE-57516...
Qemu: vnc: infinite loop in inflate_buffer() leads to denial of service
...
The vulnerability of the inflate_buffer() function in the VNC server QEMU, which allows a hacker to cause a service failure
The vulnerability of the inflatebuffer function in the VNC server QEMU is related to an incorrect exit condition, which leads to an infinite loop during buffer inflation using zlib. Exploiting this vulnerability allows a remote attacker to cause service interruptions...
zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field
A security vulnerability was found in zlib. The flaw triggered a heap-based buffer in inflate in the inflate.c function via a large gzip header extra field. This flaw is only applicable in the call inflateGetHeader...
OESA-2023-1786 qemu security update
QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib...
OESA-2023-1785 qemu security update
QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib...
CVE-2023-3255 Qemu: vnc: infinite loop in inflate_buffer() leads to denial of service
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the inflatebuffer function. This could allow a remote authenticated client who is able to send a...