CVE-2023-6683

A flaw was found in the QEMU built-in VNC server while processing
ClientCutText messages. The qemu_clipboard_request() function can be
reached before vnc_server_cut_text_caps() was called and had the chance to
initialize the clipboard peer, leading to a NULL pointer dereference. This
could allow a malicious authenticated VNC client to crash QEMU and trigger
a denial of service.

Bugs

• <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060749&gt;
• <https://bugzilla.redhat.com/show_bug.cgi?id=2254825&gt;

Notes