A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the `inflate_buffer` function. This could allow a remote authenticated client who is able to send a clipboard to the VNC server to trigger a denial of service.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
EUVD-2023-43931 | A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the `inflate_buffer` function. This could allow a remote authenticated client who is able to send a clipboard to the VNC server to trigger a denial of service. |
![]() |
USN-6567-1 | QEMU vulnerabilities |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Fri, 17 Oct 2025 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Fri, 22 Nov 2024 12:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Fri, 13 Sep 2024 19:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|

Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2025-10-17T17:14:32.839Z
Reserved: 2023-06-14T21:08:31.376Z
Link: CVE-2023-3255

Updated: 2024-08-02T06:48:08.172Z

Status : Modified
Published: 2023-09-13T17:15:09.877
Modified: 2024-11-21T08:16:48.617
Link: CVE-2023-3255


No data.