Vulnerability Description
A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QEMU cleans up the connection again, resulting in a NULL pointer dereference issue. This could allow a remote unauthenticated client to cause a denial of service.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qemu | Qemu | < 8.1.0 |
| Redhat | Openstack Platform | 13.0 |
| Redhat | Enterprise Linux | 7.0 |
| Fedoraproject | Fedora | 38 |
Related Weaknesses (CWE)
References
- https://access.redhat.com/security/cve/CVE-2023-3354Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2216478Issue TrackingPatch
- https://lists.debian.org/debian-lts-announce/2024/03/msg00012.html
- https://lists.fedoraproject.org/archives/list/[email protected]Mailing List
- https://access.redhat.com/security/cve/CVE-2023-3354Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2216478Issue TrackingPatch
- https://lists.debian.org/debian-lts-announce/2024/03/msg00012.html
- https://lists.fedoraproject.org/archives/list/[email protected]Mailing List
FAQ
What is CVE-2023-3354?
CVE-2023-3354 is a vulnerability with a CVSS score of 7.5 (HIGH). A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the p...
How severe is CVE-2023-3354?
CVE-2023-3354 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-3354?
Check the references section above for vendor advisories and patch information. Affected products include: Qemu Qemu, Redhat Openstack Platform, Redhat Enterprise Linux, Fedoraproject Fedora.