QEMU VNC ClientCutText Infinite Loop DoS
CVE-2023-3255 Published on September 13, 2023
Qemu: vnc: infinite loop in inflate_buffer() leads to denial of service
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the `inflate_buffer` function. This could allow a remote authenticated client who is able to send a clipboard to the VNC server to trigger a denial of service.
Vulnerability Analysis
CVE-2023-3255 can be exploited with network access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.
Timeline
Reported to Red Hat.
Made public. 6 days later.
Weakness Type
What is an Infinite Loop Vulnerability?
The program contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop. If the loop can be influenced by an attacker, this weakness could allow attackers to consume excessive resources such as CPU or memory.
CVE-2023-3255 has been classified to as an Infinite Loop vulnerability or weakness.
Products Associated with CVE-2023-3255
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2023-3255 are published in these products:
Affected Versions
Red Hat Enterprise Linux 8:- Version 8100020240314161907.e155f54d and below * is unaffected.
- Version 8100020240314161907.e155f54d and below * is unaffected.
- Version 17:8.2.0-11.el9_4 and below * is unaffected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.