CVE-2023-3255
Qemu: vnc: infinite loop in inflate_buffer() leads to denial of service
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the `inflate_buffer` function. This could allow a remote authenticated client who is able to send a clipboard to the VNC server to trigger a denial of service.
Se encontró una falla en el servidor VNC integrado de QEMU al procesar mensajes ClientCutText. Una condición de salida incorrecta puede provocar un bucle infinito al inflar un búfer zlib controlado por un atacante en la función `inflate_buffer`. Esto podría permitir que un cliente remoto autenticado que pueda enviar un portapapeles al servidor VNC active una denegación de servicio.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2023-06-14 CVE Reserved
- 2023-09-13 CVE Published
- 2024-09-19 EPSS Updated
- 2024-11-15 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')
CAPEC
References (5)
URL | Tag | Source |
---|---|---|
https://security.netapp.com/advisory/ntap-20231020-0008 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=2218486 | 2024-05-22 |
URL | Date | SRC |
---|---|---|
https://access.redhat.com/errata/RHSA-2024:2135 | 2024-05-22 | |
https://access.redhat.com/errata/RHSA-2024:2962 | 2024-05-22 | |
https://access.redhat.com/security/cve/CVE-2023-3255 | 2024-05-22 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Qemu Search vendor "Qemu" | Qemu Search vendor "Qemu" for product "Qemu" | <= 8.0.3 Search vendor "Qemu" for product "Qemu" and version " <= 8.0.3" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 8.0 Search vendor "Redhat" for product "Enterprise Linux" and version "8.0" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 9.0 Search vendor "Redhat" for product "Enterprise Linux" and version "9.0" | - |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 38 Search vendor "Fedoraproject" for product "Fedora" and version "38" | - |
Affected
|