Vulnerability CVE-2023-3255


Published: 2023-09-13   Modified: 2023-09-14

Description:
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the `inflate_buffer` function. This could allow a remote authenticated client who is able to send a clipboard to the VNC server to trigger a denial of service.

 References:
https://access.redhat.com/security/cve/CVE-2023-3255
https://bugzilla.redhat.com/show_bug.cgi?id=2218486

Copyright 2026, cxsecurity.com

 

Back to Top