CVE-2023-3354

HIGH

QEMU < 8.1.0 - Unauthenticated Denial of Service via VNC Server Connection Cleanup

Title source: llm

Description

A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QEMU cleans up the connection again, resulting in a NULL pointer dereference issue. This could allow a remote unauthenticated client to cause a denial of service.

References (4)

Core 4

Core References

Mailing List

https://lists.debian.org/debian-lts-announce/2024/03/msg00012.html

Mailing List

https://lists.fedoraproject.org/archives/list/[email protected]/message/MURWGXDIF2WTDXV36T6HFJDBL632AO7R/

Third Party Advisory vdb-entry x_refsource_redhat

https://access.redhat.com/security/cve/CVE-2023-3354

Issue Tracking, Patch issue-tracking x_refsource_redhat

https://bugzilla.redhat.com/show_bug.cgi?id=2216478

Scores

CVSS v3 7.5

EPSS 0.0013

EPSS Percentile 31.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-476

Status published

Products (7)

fedoraproject/fedora 38

qemu/qemu 8.1.0 rc0 (2 CPE variants)

qemu/qemu < 8.1.0

redhat/enterprise_linux 7.0

redhat/enterprise_linux 8.0 (2 CPE variants)

redhat/enterprise_linux 9.0

redhat/openstack_platform 13.0

Published Jul 11, 2023

Tracked Since Feb 18, 2026