{
  "threat_severity" : "Moderate",
  "public_date" : "2023-07-04T00:00:00Z",
  "bugzilla" : {
    "description" : "QEMU: VNC: infinite loop in inflate_buffer() leads to denial of service",
    "id" : "2218486",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2218486"
  },
  "cvss3" : {
    "cvss3_base_score" : "6.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-835",
  "details" : [ "A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the `inflate_buffer` function. This could allow a remote authenticated client who is able to send a clipboard to the VNC server to trigger a denial of service.", "A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the `inflate_buffer` function. This could allow a remote authenticated client who is able to send a clipboard to the VNC server to trigger a denial of service." ],
  "statement" : "The `qemu-kvm` versions as shipped with Red Hat Enterprise Linux 6, 7, and RHEL Advanced Virtualization are not affected by this flaw as they did not include VNC clipboard support (upstream commit 0bf41cab).",
  "acknowledgement" : "Red Hat would like to thank Kevin Denis (Synacktiv) for reporting this issue.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2024-05-22T00:00:00Z",
    "advisory" : "RHSA-2024:2962",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8",
    "package" : "virt-devel:rhel-8100020240314161907.e155f54d"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2024-05-22T00:00:00Z",
    "advisory" : "RHSA-2024:2962",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8",
    "package" : "virt:rhel-8100020240314161907.e155f54d"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2024-04-30T00:00:00Z",
    "advisory" : "RHSA-2024:2135",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "qemu-kvm-17:8.2.0-11.el9_4"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "qemu-kvm",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "qemu-kvm",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "qemu-kvm-ma",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8 Advanced Virtualization",
    "fix_state" : "Not affected",
    "package_name" : "virt:av/qemu-kvm",
    "cpe" : "cpe:/a:redhat:advanced_virtualization:8::el8"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2023-3255\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-3255" ],
  "name" : "CVE-2023-3255",
  "csaw" : false
}