A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemu_clipboard_request() function can be reached before vnc_server_cut_text_caps() was called and had the chance to initialize the clipboard peer, leading to a NULL pointer dereference. This could allow a malicious authenticated VNC client to crash QEMU and trigger a denial of service.
References
Link | Resource |
---|---|
https://access.redhat.com/errata/RHSA-2024:2135 | |
https://access.redhat.com/errata/RHSA-2024:2962 | |
https://access.redhat.com/security/cve/CVE-2023-6683 | Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=2254825 | Issue Tracking Patch |
https://security.netapp.com/advisory/ntap-20240223-0001/ | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2024-01-12T19:01:25.542Z
Updated: 2024-05-29T23:07:29.101Z
Reserved: 2023-12-11T14:45:48.417Z
Link: CVE-2023-6683
JSON object: View
NVD Information
Status : Modified
Published: 2024-01-12T19:15:11.480
Modified: 2024-05-22T17:16:09.600
Link: CVE-2023-6683
JSON object: View
Redhat Information
No data.
CWE